Add security/xhash #129

ricardobranco777 · 2024-02-26T17:32:33Z

Add security/xhash

[0.15.0] - 2024-03-24 Added Add horizontal scrolling to response body (#111) Use shift+left and shift+right Add app version to help modal Add "Copy as cURL" action to recipe menu (#123) Add hotkeys to select different panes Add pane for rendered request Show response size in Response pane (#129) Changed Run prompts while rendering request URL/body to be copied Improve UI design of profile pane Show raw bytes for binary responses Fixed Reset response body query when changing recipes (#133)

0.2.6 * Make list tightness match the reference implementation closer (#150, Michael Howell). This solves the problem where blank lines in the middle of a list are attributed to the list itself instead of the item, making its parent list become spuriously loose. * Fix bug with entities inside link destinations (#149). The bug affects cases like this: [link](\!); the backslash escape was being ignored here. * Commonmark.Entity: export pEntity [API change]. 0.2.5.1 * Replace source with search in list of block tags. This is a spec 0.31 change that was forgotten in the last release. 0.2.5 * Fix HTML comment parser to conform to 0.31.2 spec. * Update spec.txt tests to commonmark-spec 0.31.2. * Match HTML declaration blocks with lowercase letters (Michael Howell). * Specifically track the position where enders end (Michael Howell). 0.2.4.1 * Commonmark.Html: Add aria-hidden, d, and viewBox to allowed attributes list. * Correctly merge list blanks with non-list blanks (#133, Michael Howell). * Do not look for backslashed hard breaks in link titles (#130, Michael Howell). * Work around ghc bug with -K RTS options, to set the stack space properly for tests (#129). See https://gitlab.haskell.org/ghc/ghc/-/issues/10445. * Revert block state completely if lazy line (#126). This fixes an issue with lazily-wrapped footnotes. * Avoid adding trailing newline to list block if it's already there (Michael Howell). This fixes tight/loose classification in a few cases. * Fix incorrectly parsing links with nested [] (Michael Howell).

Changelog: ### GMime 3.2.15 * Fixed the g_mime_object_get_header API definition to note that it can return null * Fixed a memory leak in address_parse() (issue #159) * Added custom header folding logic for the Newsgroups: header (issue #162) * Fixed a configure issue regarding ac_cv_sys_file_offset_bits (issue #158) * Fixed an infinite loop in the Content-Type and Content-Disposition parameter serialization logic (issue #165) ### GMime 3.2.14 * Avoid clearing the header list of a GMimeMessage when adding addresses to an address header. (issue #129) * Added the internet_address_list_append_parse() prototype definition to internet-address.h. (issue #128) * Use gtk-doc ulink syntax in doc comments instead of `<a href=...>`. (issue #131) * Fixed rfc2047 token decoding logic for base64 encodings. (issue #133) * Properly handle GDateTime UTC offsets with non-zero seconds. (issue #134) * Improved introspection data for bindings such as Vala. * Improved address name quoting. * Added a GNotifyDestroy to the GMimeParserOptions callback. * Fixed the URL linkifier logic to properly handle links without a '/' before the query string. * Fixed the URL linkifier logic to handle domains that start with numbers. (issue #152) * Reverted base64 decoder optimizations from 3.2.10 and 3.2.11 to support chunked base64. (issue #150) ### GMime 3.2.13 * Optimized parsing of messages with lots of address headers. (issue #126) ### GMime 3.2.12 * Fixed a memory leak in g_mime_gpgme_get_decrypt_result(). * Updated vapigen.m4, introspection.m4, and gpgme.m4 to improve cross-platform builds. * Add and use ax_lib_socket_nsl.m4 so that systems that do not require linkage with libnsl are not forced to link with it unnecessesarily. * Changed the build system to no longer use dolt (which is obsolete). ### GMime 3.2.11 * Fixed a bug in the base64 decoder. D'oh! ### GMime 3.2.10 * Improved performance of base64 encoder by ~5%. * Improved performance of base64 decoder by ~25%. * Unref the autocrypt header after adding it to the list. (issue #118) * Work around a bug in g_time_zone_new_offset() by using identifiers instead. (issue #120) ### GMime 3.2.9 * g_mime_multipart_signed_verify() now allows type/subtype and type/x-subtype signature parts. (issue #115) * Fixed header folding logic to avoid folding the first line of a header value. (issue #112 and issue #113) * Fixed bugs discovered by static analysis. (issue #110) * Fixed GMimeStreamPipe to set errno to ESPIPE for seek/tell/length methods. * Fixed GMimeCertificates to prefer gpgme_user_id_t's address field over the email field. (issue #102) ### GMime 3.2.8 * Various fixes to Vala (and other?) language bindings. (issue #96 and issue #101) * Enabled build for PPC64LE architecture (issue #100) * Added g_mime_object_write_content_to_stream() (issue #97) * Fixed parameter list parsing logic to not report a warning when everything is valid. * Fixed the parser to handle MIME parts without headers -or- content of any kind.

@brownag

# wk 0.9.4 - Ensure package tests pass against sf 1.0-18 (#224, #225). # wk 0.9.3 - Ensure package compiles with `STRICT_R_HEADERS=1` (#222). # wk 0.9.2 - Add `wk_crs()` and `wk_set_crs()` methods for `bbox` (#213) - Fix wk_trans inconsistent meta flags handling (#217) - Ensure package builds on arm64 for Windows (#220) # wk 0.9.1 - Fix format strings/arguments for R-devel (#209). # wk 0.9.0 ## Breaking changes - The common well-known binary representation of POINT EMPTY (i.e., POINT (nan nan)) is now handled as POINT EMPTY allowing empty points to roundtrip through `wkb()` vectors (#196, #204). - `xy(NA, NA)` is now read as a null feature instead of POINT EMPTY. This preserves the invariant that null features can also be identified using `is.na()` (#205). - `xy(NaN, NaN)` is now read as POINT EMPTY and `is.na(xy(NaN, NaN))` now returns `FALSE`. This means that both EMPTY and null points can roundtrip through `xy()` (#205). ## Bugfixes and improvements - `wk_meta()` now contains a new column `is_empty`, which is `TRUE` for any feature that contains at least one non-empty coordinate. This allows more efficient detection of features with zero coordinates (#197, #199). - Updated PROJ data to use the latest pull of the database packaged with PROJ 9.3.0 (#201). - The wk package now compiles once again on gcc 4.8 (#203, #206). - Fixed `sfc_writer()` to correctly attach the `classes` attribute to sfc output with mixed geometry types (#195). - Function `sfc_writer()` now has an argument `promote_multi` to write any input as the MULTI variant. This makes it more likely that an input vector will be read as a single geometry type (#198). - The `wk_collection_filter()` now correctly increments the `part_id` when calling the child handler (@brownag, #194). # wk 0.8.0 * Added `wkb_to_hex()` (@anthonynorth, #183). * Implemented `vctrs::vec_proxy_equal()` for `wkb()` vctrs (@anthonynorth, #183). * Fixed `sfc_writer()`, which had returned NULL for some inputs (e.g., via `wk_collection()`) (@anthonynorth, #182, #186). * Added `wk_clockwise()` and `wk_counterclockwise()` to re-wind polygon rings (@anthonynorth, #188). * New replacement-function mode for `wk_coords<-()` for in-place modification of coordinates (@mdsumner, #187). * New function `wk_trans_explicit()` migrated from crs2crs (@mdsumner, #187). # wk 0.7.3 * Fix tests for updated waldo package (#178). # wk 0.7.2 * Fix use-after-free warnings. # wk 0.7.1 * Fix implicit reliance on error `as.data.frame.default()`, which no longer occurs in r-devel (#166). # wk 0.7.0 * Remove legacy headers that are no longer used by any downstream package (#146). * `validate_wk_wkt()` now errors for an object that does not inherit from 'wk_wkt' (#123, #146). * Added `wk_crs_projjson()` to get a JSON representation of a CRS object. To make lookup possible based on shortcut-style CRS objects (e.g., `"EPSG:4326"` or `4326`), added data objects `wk_proj_crs_view` and `wk_proj_crs_json` that contain cached versions of rendered PROJJSON based on the latest PROJ version (#147). * Added a `wk_crs_proj_definition()` method for `wk_crs_inherit()` (#136, #147). * Conversion to sf now uses the `sfc_writer()` for all wk classes, making conversions faster and fixing at least one issue with conversion of NA geometries to sf (#135). * `wk_plot()` now plots `NULL`/`NA` geometries and mixed geometry types more reliably (#142, #143, #149). * Exported EMPTY geometries to well-known text now include dimension (e.g., `POINT Z EMPTY`) (#141, #150). * Fixed bug where `wk_polygon()` doubled some points when the input contained closed rings (#134, #151). * Fixed bug where `wk_count()` exposed uninitialized values for empty input (#139, #153). * The `xy_writer()` now opportunistically avoids allocating vectors for Z or M values unless they are actually needed (#131, #154). * Added example WKT for all geometry types and dimensions plus helper `wk_example()` to access them and set various properties (#155). * Fixes warnings when compiling with `-Wstrict-prototypes` (#157, #158). * Removed `wk_chunk_map_feature()` in favour of using chunking strategies directly (#132, #159). * Optimized `wk_coords()` for `xy()` objects (#138, #160). * Added accessor methods for record-style vectors: `rct_xmin()`, `rct_xmax()`, `rct_ymin()`, `rct_ymax()`, `rct_width()`, `rct_height()`, `crc_center()`, `crc_x()`, `crc_y()`, `crc_r()`, `xy_x()`, `xy_y()`, `xy_z()`, and `xy_m()` (#144, #161). * Added rectangle operators `rct_intersects()`, `rct_contains()`, and `rct_intersection()` (#161). # wk 0.6.0 * Fixed `wk_affine_rescale()` to apply the translate and scale operations in the correct order (#94). * Add `wk_handle_slice()` and `wk_chunk_map_feature()` to support a chunk + apply workflow when working with large vectors (#101, #107). * C and R code was rewritten to avoid materializing ALTREP vectors (#103, #109). * Added a `wk_crs_proj_definition()` generic for foreign CRS objects (#110, #112). * Added `wk_crs_longlat()` helper to help promote authority-compliant CRS choices (#112). * Added `wk_is_geodesic()`, `wk_set_geodesic()`, and argument `geodesic` in `wkt()` and `wkb()` as a flag for objects whose edges must be interpolated along a spherical/ellipsoidal trajectory (#112). * Added `sf::st_geometry()` and `sf::st_sfc()` methods for wk geometry vectors for better integration with sf (#113, #114). * Refactored well-known text parser to be more reusable and faster (#115, #104). * Minor performance enhancement for `is.na()` and `validate_wk_wkb()` when called on a very long `wkb()` vector (#117). * Fixed issue with `validate_wk_wkb()` and `validate_wk_wkt()`, which failed for most valid objects (#119). * Added `wk_envelope()` and `wk_envelope_handler()` to compute feature-wise bounding boxes (#120, #122). * Fixed headers and tests to pass on big endian systems (#105, #122). * Incorporated the geodesic attribute into vctrs methods, data frame columns, and bbox/envelope calculation (#124, #125). * Fix `as_xy()` for nested data frames and geodesic objects (#126, #128). * Remove deprecated `wkb_problems()`, `wkt_problems()`, `wkb_format()`, and `wkt_format()` (#129). * `wk_plot()` is now an S3 generic (#130). # wk 0.5.0 * Fixed bugs relating to the behaviour of wk classes as vectors (#64, #65, #67, #70). * `crc()` objects are now correctly exported as polygons with a closed loop (#66, #70). * Added `wk_vertices()` and `wk_coords()` to extract individual coordinate values from geometries with optional identifying information. For advanced users, the `wk_vertex_filter()` can be used as part of a pipeline to export coordinates as point geometries to another handler (#69, #71). * Added `wk_flatten()` to extract geometries from collections. For advanced users, the `wk_flatten_filter()` can be used as part of a pipeline (#75, #78). * `options("max.print")` is now respected by all vector classes (#72, #74). * Moved implementation of plot methods from wkutils to wk to simplify the dependency structure of both packages (#80, #76). * Added `wk_polygon()`, `wk_linestring()`, and `wk_collection()` to construct polygons, lines, and collections. For advanced users, `wk_polygon_filter()`, `wk_linestring_filter()`, and `wk_collection_filter()` can be used as part of a pipeline (#77, #84). * Added a C-level transform struct that can be used to simplify the the common pattern of transforming coordinates. These structs can be created by other packages; however, the `wk_trans_affine()` and `wk_trans_set()` transforms are also built using this feature. These are run using the new `wk_transform()` function and power the new `wk_set_z()`, `wk_set_m()`, `wk_drop_z()`, `wk_drop_m()`, functions (#87, #88, #89). # wk 0.4.1 * Fix LTO and MacOS 3.6.2 check errors (#61). # wk 0.4.0 * Removed `wksxp()` in favour of improved `sf::st_sfc()` support (#21). * Rewrite existing readers, writers, and handlers, using a new C API (#13). * Use new C API in favour of header-only approach for all wk functions (#19, #22). * Use cpp11 to manage safe use of callables that may longjmp from C++. * Vector classes now propagate `attr(, "crs")`, and check that operations that involve more than one vector have compatable CRS objects as determined by `wk_crs_equal()`. * Added an R-level framework for other packages to implement wk readers and handlers: `wk_handle()`, `wk_translate()`, and `wk_writer()` (#37). * Added a native reader and writer for `sf::st_sfc()` objects and implemented R-level generics for sfc, sfg, sf, and bbox objects (#28, #29, #38, #45). * Implement `crc()` vector class to represent circles (#40). * Added a 2D cartesian bounding box handler (`wk_bbox()`) (#42). * Refactored unit tests reflecting use of the new API and for improved test coverage (#44, #45, #46). * Added `wk_meta()`, `wk_vector_meta()`, and `wk_count()` to inspect properties of vectors (#53). * Modified all internal handlers such that they work with vectors of unknown length (#54). # wk 0.3.4 * Fixed reference to `wkutils::plot.wk_wksxp()`, which no longer exists. # wk 0.3.3 * Fixed WKB import of ZM geometries that do not use EWKB. * Added `xy()`, `xyz()`, `xym()` and `xyzm()` classes to efficiently store point geometries. * Added the `rct()` vector class to efficiently store two-dimensional rectangles. * Fixed the CRAN check failure caused by a circular dependency with the wkutils package. * Added S3 methods to coerce sf objects to and from `wkt()`, `wkb()` and `wksxp()`. # wk 0.3.2 * Fixed EWKB output for collections and multi-geometries that included SRID (#3). * Fixed CRAN check errors related to exception handling on MacOS/R 3.6.2. # wk 0.3.1 * Added a `NEWS.md` file to track changes to the package.

2.3.0 (2024-12-05) Minor Enhancements * Simplify checking if an archive type is enabled (#149) * Memoize relative_path attribute of archive pages (#153) * Memoize date attribute of date-type archive pages (#154) * Allow creating slugs for emoji characters. (#129) * Use Liquid drop to expose attributes to templates (#158) Bug Fixes * Return unless 'jekyll-archives' config is a Hash (#139) * Include LICENSE in built gem (#180) Internal Refactors * Initialize Archives generator with a hash (#135) * Remove support for legacy Jekyll versions (#136) * Read-in site's tags and categories attributes (#137) * Use private helper to append enabled archive type (#150) * Access nested Hash values with Hash#dig (#151) * Generate custom post_attr_hash with private helper (#152) Development Fixes * Migrate CI to GitHub Actions (#177) * Add style_check job to CI workflow (#178) * Add workflow to release gem via GitHub Actions (#179) Documentation Fixes * Substitute 'gems' with 'plugins' (#143)

# sass 0.4.9 - Closed #138: font_google(local = TRUE) now uses woff2 (instead of woff) for a font file type. (#139) # sass 0.4.8 - Closed #132: Fix R CMD check warning re error() format strings (for r-devel). (#133) # sass 0.4.7 - Closed #129: Fixed a compilation warning on latest Apple Clang (15). (#130) - Closed #125: Installation now (correctly) requires `{fs}` >= 1.2.4.

@grahammiln

What's Changed Fix typo, add links, and formatting by @grahammiln in #128 README change binary name in usage example by @mikelolasagasti in #126 gha: update golangci-lint to v1.62.2 by @thaJeztah in #131 Preserve compatibility with go <= 1.17 by @thaJeztah in #130 update minimum go version to go1.12, and test in gh by @thaJeztah in #129

xca 2.8.0 Sun Oct 13 2024 ------------------------- * Add SHA3 algorithms to the select box * Close #593: App freezes/crashes when trying to export certain keys * Close #306 #537: Allow Database-driver options in config file * Close #537: macos: Compile mariadb-connector and qsqlmysql * Close #152: How can we specify the Cryptographic Service Provider * Close #590: MacOS OpenSSL legacy provider not loaded * Close #199: Templates and Key Identifiers * Close #239: Check existing Name Constraints * Add OpenSSL PURPOSE and validation results * Close #587: Incomplete refactoring of adapt_explicit_subj * Combine #90 and #315 and support UPN in name constraints * Close #90, #361: Name Constraints (RFC5280 section 4.2.1.10) * Close #296: Proper plurals * Close #88: Export to multiple files with common or individual password * Close #313: Support JWK export format of certificates * Close #359: Symlink to PKCS#11 lib resolved * Close #552: issues with icons in gnome dock * Close #315 Support UPN type for EAP/802.1X certificate * Add korean translation * Close #287: template don't save/restore correctly * Close #351: a1int::getLong() doesn't handle all error cases * Close #401: Write PEM data to a file especially for crlgen * Close #548: export certificate: error using child folder * Close #391: hide expired and revoked certificates xca 2.7.0 Tue Aug 27 2024 ------------------------- * Close #311: Install QT translation files again * Close #304: oids.txt not found etc if prefix non-standard * Add cmdline option to disable native dialogs * Close #364: Export ED25519 private key with password * Switch encryption in "Cert+PKCS#8" and "Database dump mode from DES3-EDE to AES-256 * Drop support of encrypted PVK files. * Windows/Mac build: switch to QT 6.6.3 * Close #554: Missing option to disable file association in Windows setup * Close #395: Flexible Clipboard Export * Close #550: Fix compiling tests issue by providing -pthread link flag. * Fix calendar export for CAs * Support importing existing OpenVPN TLS Auth keys * Fix "Copy extensions from request" function * Fix login via PinPad on e.g ReinerSCT * Extend #383: tag insecure PFX/PKCS#12 algorithms * Close #536: macos include OpenSSL legacy provider * Close #532: XCA not in English on macos * Close #89: ta.key for OpenVPN tls-auth * Close #496: PKCS11 access to AWS CloudHSM failed * Yubikey improvements xca 2.6.0 Mon Feb 26 2024 ------------------------- * Update documentation of certificate export and remote databases * Close #520: Fix permanent processor load * Close #518: Export certificates for ovpn file * Close #512 #474 #481 #506 #509: SHA1 based MAC for PKCS12 * Close #458 #511 #503 #500 #494 #484 #482 #475: Support legacy keys and automatically transform them if possible. * Close #493: Renew Certificate freeze XCA * Close #477: paste an encrypted private key results in a crash * Fix crash when deleting CA certificates * Close #480: add flatpak build information and github action * Close #402: Subject Alternative Name not filled by all CN * Improve import: Finish multi import when empty * Add File extensions in Info.plist supported by XCA * Close #384: Quick view of certificates without trying to open XCA * Close #459: pass private key password * Close #465: Export PEM + Key in one File * Close #460: Impossible to import PKCS#12 (RC40_CBC) * Make XCA AppStore compliant with -DAPPSTORE_COMPLIANT=ON xca 2.5.0 Sun Sep 24 2023 ------------------------- * Close #423: parameter --name is not respected when running with CLI * Close #457: Support Qt5 < 5.12 / python3-sphinxcontrib.qthelp * Close #440: yellow background makes date text hard to read in dark themes * Close #437: loading CRL at startup generates an error * Close #444 cannot update template internal name * Close #442: asan checks failed * Close #446: show more information in Recent Databases * Improve/Fix database loading * Document vCalendar/ics feature #456 * Fix possible segfault caused by wrong free() * Add Bulgarian translation * Close #368: error while creating CRL with CA using EC key (ed25519) * Treat CKA_ID as byte array, not Bignum * Fix #321 - decryptKey shows OpenSSL error * Merge #325 Update entitlement.plist * Close #366: Not Responding after upgrade * Add Persian translation .ts file to XCA. * Close #327: "Dump database" dumps everything to everywhere * Close #317: "Please insert card: ..." message * Add Indonesian translation * Close #283 Nitrokey HSM2 can't create EC keys on 2.4.0 * Switch from autotools/qmake to cmake * Close #278: Miss components to connect remote database * Commandline: Add "--list-items" to print a list of database items * Close #67: possibility to ignore password prompt from CLI * Close #259: Follow the XDG base directory specification * Add support for Qt6 and OpenSSL 3.x * Drop support for Qt4 * Drop support for old XCA < 2.0.0 databases * Drop support for OpenSSL < 1.1.0 xca 2.4.0 Fri May 07 2021 ------------------------- * Unify XCA icon (certificate) on all platforms * Close #247: Apple silicon (M1) configure fixes * Add Microsoft BitLocker extended key usage * Disregard OpenSSL 0.9.8 compatibility * Add bash completion script * Add context sensitive help * Convert documentation from linuxdoc/SGML to sphinxdoc * Close #258: xca aborts on exit and on access to own templates * Close #142: Support Ed25519 Import / Export private SSH2 key * Close #142: Support Ed25519: Key-generation, import, export * Close #251: AuthorityKeyIdentifier: use issuer:always * Change language maintainer of brazilian portuguese * Close #230: Change PKCS12 export extension from .p12 to .pfx * Close #208: XCA hung when importing EC keys. For example prime256v1 * Close #210: Make dialog to edit SAN less strict * Close #224: Store original path/filename on import * Close #213: configure.ac: add description to AC_DEFINE_UNQUOTED * Close #172 #46: Multiple OCSP Responders * Store default database and recently opened file as UTF8 * Close #157 Generate and export CRLs from commandline * Add command line support for creating CRLs, keys and analyzing items xca 2.3.0 Wed Apr 29 2020 ------------------------- * Close #191 OID LN differs warning popups at startup * Close #189 Database compaction #189 * Improve PKCS11 library loading for portable app * Refactor native separators / and \ on windows. * Support TLS encrypted MariaDB and PostgreSQL connection * Close #182: UI not using Windows native theme in 2.2.1 portable * Close #70: cant open ics file in ical on macos mojave * Close #72: Add checkbox for OCSP staple feature * Use DESTDIR instead of destdir when installing. Follows autotools convention. * Close #172 #46: Multiple OCSP Responders * Close #170 xca-portable-2.2.1 cannot change language * Fix certificate assignment when importing a CA certificate * Close #163: Show key type/size on column of Certificates tab xca 2.2.1 Thu Jan 30 2020 ------------------------- * Close #159 Opening existing database xca 2.2.0 Wed Jan 29 2020 ------------------------- * Switch to MSI installer * Close #129 Unattended Installation * Rename HTTPS templates to TLS and support KU/EKU extensions needed by OpenVPN * Close #93 Default output folder / Improve Portable App usability * Improve EC Curve selection for key generation. * Close #21 Support for ODBC (MSSQL) * Close #136 Provide 64bit version of xca * Close #156 secp256k1, secp256r1 and NIST-P256 * Transfer Key Usage and Extended Key Usage critical flags * Improve item loading. Inspired by #153 * Add japanese translation * Close #138: Portable Version does not remember paths * Close #83: Token selection should not insist on name or serial of the token * Close #95: Copy mysql and psql windows dll files into portable app * Close #144: Database export has issues with wildcards in internal names * Close #143: Hotkey for import * Close #140: Certificate renewal with option to preserved serial number * Fix possible XCA crash * Add Dutch translation * Add Chinese translation * Add Italian language * CLose #120: Mark signed a request doesn't work * Close #119: Rename "PostgreSQL 6 and 7" to just "PostgreSQL" * Close #116: Duplicate extensions erroneously shown * Close #114: SAN - IPv6 address input not working * Close #68 Generating large DH params freezes UI * Support concurrent database access. * Close #91: Change order of "PKCS#11 provider" * Extend PEM files by human readable information about the item * Support ecdsa SSH public keys * Close #98 Add comment at import/export RSA keys from/to SSH public key * Close #101: Finish Rename with Enter shows Property Dialog * Close #104: Also show sha256 digests of public keys * Close #82: Renew CA ROOT Cert * Verify imported keys thoroughly

@TomPlanche

What's Changed feat(logging): Add configurable logging system with documentation by @TomPlanche in #126 Fix Multiplayer Connection Issues with Improved Socket Handling and Logging by @TomPlanche in #128 [FIX] Corrected moves history display by @TomPlanche in #130 fix: esc key bug when playing bot by @thomas-mauran in #129

@Etto48

v1.11.0 - Fixed Mach-O entry point by @Etto48 in #126 - Added comments by @Etto48 in #128 - Now you can load and save comments by @Etto48 in #129 - Added comments plugin api by @Etto48 in #130 v1.10.0 - Added fullscreen mode by @Lorenzinco in #124 - Fixed the plugin api relative to the new fullscreen functionality by @Etto48 in #125

Snowball 3.0.1 (2025-05-09) =========================== Python ------ * The __init__.py in 3.0.0 was incorrectly generated due to a missing build dependency and the list of algorithms was empty. First reported by laymonage. Thanks to Dmitry Shachnev, Henry Schreiner and Adam Turner for diagnosing and fixing. (#229, #230, #231) * Add trove classifiers for Armenian and Yiddish which have now been registered with PyPI. Thanks to Henry Schreiner and Dmitry Shachnev. (#228) * Update documented details of Python 2 support in old versions. Snowball 3.0.0 (2025-05-08) =========================== Ada --- * Bug fixes: + Fix invalid Ada code generated for Snowball `loop` (it was partly Pascal!) None of the stemmers shipped in previous releases triggered this bug, but the Turkish stemmer now does. + The Ada runtime was not tracking the current length of the string but instead used the current limit value or some other substitute, which manifested as various incorrect behaviours for code inside of `setlimit`. + `size` was incorrectly returning the difference between the limit and the backwards limit. + `lenof` or `sizeof` on a string variable generated Ada code that didn't even compile. + Fix incorrect preconditions on some methods in the runtime. + Fix bug in runtime code used by `attach`, `insert`, `<-` and string variable assignment when a (sub)string was replaced with a larger string. This bug was triggered by code in the Kraaij-Pohlmann Dutch stemmer implementation (which was previously not enabled by default but is now the standard Dutch stemmer). + Fix invalid code generated for `insert`, `<-` and string variable assignment. This bug was triggered by code in the Kraaij-Pohlmann Dutch stemmer implementation (which was previously not enabled by default but is now the standard Dutch stemmer). + Generate valid code for programs which don't use `among`. This didn't affect code generation for any algorithms we currently ship. + If the end of a routine was unreachable code the Snowball compiler would think the start of the next routine was also unreachable and would not generate it. This didn't affect code generation for any algorithms we currently ship. * Code quality: + Only declare variables A and C when each is needed. + Fix indentation of generated declarations. + Drop extra blank line before `Result := True`. C/C++ ----- * Bug fixes: + Fix potential NULL dereference in runtime code if we failed to allocate memory for the p or S member for a Snowball program which uses one or more string variables. Problem was introduced in Snowball 2.0.0. Fixes #206, reported by Maxim Korotkov. + Fix invalid C code generated when a failure is handled in a context with the opposite direction to where it happened, for example: externals (stem) define stem as ( try backwards 'x' ) This was fixed by changing the C generator to work like all the other generators and pre-generate the code to handle failure. + Eliminate assumptions that NULL has all-zero bit pattern. We don't know of any current platforms where this assumption fails, but the C standard doesn't require an all-zero bit pattern for NULL. Fixes #207. * Optimisations: + Store index delta for among substring_i field. This makes trying substrings after a failed match slightly faster because we can just add the offset to the pointer we already have to the current element. * Code quality: + Improve formatting of generated code. C# -- * Bug fixes: + Add missing runtime support for testing for a string var at the current position when working forwards. This situation isn't exercised by any of the stemming algorithms we currently ship. + Adjust generated code to work around a code flow analysis bug in the `mcs` C# compiler. * Code quality: + Prune unused `using System.Text;`. + Generate C# with UTF-8 source encoding. This makes the generated code easier to follow, which helps during development. It's also a bit smaller. For now codepoints U+0590 and above are still emitted as escape sequences to avoid confusing source code rendering when LTR scripts are involved. Go -- * Optimisations: + Drop some unneeded Go code generated for string `$`. None of the shipped stemmers use string `$`, though the Schinke Latin stemmer algorithm on the website does. * Code quality: + Dispatch among result with `switch` instead of an `if` ... `else if` chain (which looks like we did because the Go generator evolved from the Python generator and Python didn't used to have a switch-like construct. This doesn't make a measurable speed difference so it seems the Go compiler is optimising both to equivalent code, but using a switch here seems clearer, a better match for the intent, and is a bit simpler to generate. + Generate Go with UTF-8 source encoding. This makes the generated code easier to follow, which helps during development. It's also a bit smaller. For now codepoints U+0590 and above are still emitted as escape sequences to avoid confusing source code rendering when LTR scripts are involved. Java ---- * The Java code generated by Snowball requires now requires Java >= 7. Java 7 was released in 2011, and Java 6's EOL was 2013 so we don't expect this to be a problematic requirement. See #195. * Optimisations: + We now store the current string in a `char[]` rather than using a `StringBuilder` to reduce overheads. The `getCurrent()` method continues to return a Java `String`, but the `char[]` can be accessed using the new `getCurrentBuffer()` and `getCurrentBufferLength()` methods. Patch from Robert Muir (#195). + Use a more efficient mechanism for calling `among` functions. Patch from Robert Muir (#195). * Code quality: + Consistently put `[]` right after element type for array types, which seems the most used style. + Fix javac warnings in SnowballProgram.java. + Improve formatting of generated code. Javascript ---------- * Bug fixes: + Use base class specified by `-p` in string `$` rather than hard-coding `BaseStemmer` (which is the default if you don't specify `-p`). None of the shipped stemmers use string `$`, though the Schinke Latin stemmer algorithm on the website does. * Code quality: + Modernise the generated code a bit. Loosely based on changes proposed in #123 by Emily Marigold Klassen. * Other changes: + The Javascript runner is now specified by make variable `JSRUN` instead of `NODE` (since node is just one JS implementation). The default value is now `node` instead of `nodejs` (older Debian and Ubuntu packages used `/usr/bin/nodejs` because `/usr/bin/node` was already in use by a completely different package, but that has since changed). Pascal ------ * Bug fixes: + Add missing semicolons to code generated in some cases for a function which always succeeds or always fails. The new dutch.sbl was triggering this bug. + If the end of a routine was unreachable code the Snowball compiler would think the start of the next routine was also unreachable and would not generate it. This didn't affect code generation for any algorithms we currently ship. * Code quality: + Eliminate commented out code generated for string `$`. None of the shipped stemmers use string `$`, though the Schinke Latin stemmer algorithm on the website does. * Other changes: + Enable warnings, etc from fpc. + Select GNU-style diagnostic format. Python ------ * Optimisations: + Use Python set for grouping checks. This speeds up running the Python testsuite by about 4%. + Routines used in `among` are now referenced by name directly in the generated code, rather than using a string containing the name. This avoids a `getattr()` call each time an among wants to call a routine. This doesn't seem to make a measurable speed difference, but it's cleaner and avoids problems with name mangling. Suggested by David Corbett in #217. + Simplify code generated for `loop`. If the iteration count is constant and at most 4 then iterate over a tuple which microbenchmarking shows is faster. The only current uses of loop in the shipped stemmers are `loop 2` so benefit from this. Otherwise we now use `range(AE)` instead of `range (AE, 0, -1)` (the actual value of the loop variable is never used so only the number of iterations matter). * Bug fixes: + Correctly handle stemmer names with an underscore. * Code quality: + Generate Python with UTF-8 source encoding. This makes the generated code easier to follow, which helps during development. It's also a bit smaller. For now codepoints U+0590 and above are still emitted as escape sequences to avoid confusing source code rendering when LTR scripts are involved. * Other changes: + Set python_requires to indicate to install tools that the generated code won't work with Python 3.0.x, 3.1.x and 3.2.x (due to use of `u"foo"` string literals). Closes #192 and #191, opened by Andreas Maier. + Add classifiers to indicate support for Python 3.3 and for 3.8 to 3.13. Fixes #158, reported by Dmitry Shachnev. + Stop marking the wheel as universal, which had started to give a warning message. Patch from Dmitry Shachnev (#210). + Stop calling `setup.py` directly which is deprecated and now produces a warning - use the `build` module instead. Patch from Dmitry Shachnev (#210). Rust ---- * Optimisations: + Shortcut unnecessary calls to find_among, porting an optimization from the C generator. In some stemming benchmarks this improves the performance of the rust english stemmer by about 27%. Patch from jedav (#202). * Code quality: + Suppress unused_parens warning, for example triggered by the code generated for `$x = x*x` (where `x` is an integer). + Dispatch `among` result with `match` instead of an `if` ... `else if` chain (which looks like we did because the Rust generator evolved from the Python generator and Python didn't used to have a switch-like construct. This results in a 3% speed-up for an unoptimised Rust compile but doesn't seem to make a measurable difference when optimising so it seems the Rust compiler is optimising both to equivalent code. However using a `match` here seems clearer, a better match for the intent, and is a bit simpler to generate. + Generate Rust with UTF-8 source encoding. This makes the generated code easier to follow, which helps during development. It's also a bit smaller. For now codepoints U+0590 and above are still emitted as escape sequences to avoid confusing source code rendering when LTR scripts are involved. New stemming algorithms ----------------------- * Add Esperanto stemmer from David Corbett (#185). * Add Estonian algorithm from Linda Freienthal (#108). Behavioural changes to existing algorithms ------------------------------------------ * Dutch: Switch to Kraaij-Pohlmann as the default for Dutch. In case you want Martin Porter's Dutch stemming algorithm for compatibility, this is now available as `dutch_porter`. Fixes #1, reported by gboer. * Dutch (Kraaij-Pohlmann): Fix differences between the Snowball implementation and the original C implementation. * Dutch (Kraaij-Pohlmann): Add a small number of exceptions to the Snowball implementation to avoid unwanted conflations. This addresses all cases so far identified which Martin's Dutch stemmer handled better. Fixes #208. * Dutch (Porter): The "at least 3 characters" part of the R1 definition was actually implemented such that when working in UTF-8 it was "at least 3 bytes". We stripped accents normally found in Dutch except for `è` before setting R1, and no Dutch words starting `è` seem to stem differently depending on encoding, but proper nouns and other words of foreign origin may contain other accented characters and it seems better for the stemmer to handle such words the same way regardless of the encoding in use. * English: Replace '-ogist' with '-og' to conflate "geologist" and "geology", etc. Suggested by Marc Schipperheijn on snowball-discuss. * English: Add extra condition to undoubling. We no longer undouble if the double consonant is preceded by exactly "a", "e" or "o" to avoid conflating "add"/"ad", "egg"/"eg", "off"/"of", etc. Fixes #182, reported by Ed Page. * English: Avoid conflating 'emerge' and 'emergency'. Reported by Frederick Ross on snowball-discuss. * English: Avoid conflating 'evening' and 'even'. Reported by Ann B on snowball-discuss. * English: Avoid conflating 'lateral' and 'later'. Reported by Steve Tolkin on snowball-discuss. * English: Avoid conflating 'organ', 'organic' and 'organize'. * English: Avoid conflating 'past' and 'paste'. Reported by Sonny on snowball-discuss. * English: Avoid conflating 'universe', 'universal' and 'university'. Reported by Clem Wang on snowball-discuss. * English: Handle -eed and -ing exceptions in their respective rules. This avoids the overhead of checking for them for the majority of words which don't end -eed or -ing. It also allows us to easily handle vying->vie and hying->hie at basically no extra cost. Reduces the time to stem all words in our English word list by nearly 2%. * French: Remove elisions as first step. See #187. Originally reported by Paul Rudin and kelson42. * French: Remove -aise and -aises so for example, "française" and "françaises" are now conflated with "français". Fixes #209. Originally reported by ririsoft and Fred Fung. * French: Avoid incorrect conflation of `mauvais` (bad) with `mauve` (mauve, mallow or seagull); avoid conflating `mal` with `malais`, `pal` with `palais`, etc. * French: Avoid conflating `ni` (neither/nor) with `niais` (inexperienced/silly) and `nie`/`nié`/`nier`/`nierais`/`nierons` (to deny). * French: -oux -> -ou. Fixes #91, reported by merwok. * German: Replace with the "german2" variant. This normalises umlauts ("ä" to "ae", "ö" to "oe", "ü" to "ue") which is presumably much less common in newly created text than it once was as modern computer systems generally don't have the limitations which motivated this, but there will still be large amounts of legacy text which it seems helpful for the stemmer to handle without having to know to select a variant. On our sample German vocabulary which contains 35033 words, 77 words give different stems. A significant proportion of these are foreign words, and some are proper nouns. Some cases definitely seem improved, and quite a few are just different but effectively just change the stem for a word or group of words to a stem that isn't otherwise generated. There don't seem any changes that are clearly worse, though there are some changes that have both good and bad aspects to them. Fixes #92, reported by jrabensc. * German: Don't remove -em if preceded by -syst to avoid overstemming words ending -system. This change means we now conflate e.g. "system" and "systemen". Partly addresses #161, reported by Olga Gusenikova. * German: Remove -erin and -erinnen suffixes which conflates singular and plural female versions of nouns with the male versions. Fixes #85 and partly addresses #161, reported by Olga Gusenikova. * German: Replace -ln and -lns with -l. This improves 82 cases in the current sample data without making anything worse. Tests on a larger word list look good too. Partly addresses #161, reported by Olga Gusenikova. * German: Remove -et suffix when we safely can. Fixes #200, reported by Robert Frunzke. * Greek: Fix "faulty slice operation" for input `ισαισα`. The fix changes `ισα` to stem to `ισ` instead of the empty string, which seems better (and to be what the second paper actually says to do if read carefully). Fixes #204, reported by subnix. * Italian: Address overstemming of "divano" (sofa) which previously stemmed to "div", which is the stem for 'diva' (diva). Now it is stemmed to 'divan', which is what its plural form 'divani' already stemmed to. Fixes #49, reported by francesco. * Norwegian: Improve stemming of words ending -ers. Fixes #175, reported by Karianne Berg. * Norwegian: Include more accented vowels - treating "ê", "ò", "ó" and "ô" as vowels improves the stemming of a fairly small number of words, but there's basically no cost to having extra vowels in the grouping, and some of these words are commonly used. Fixes #218, reported by András Jankovics. * Romanian: Fix to work with Romanian text encoded using the correct Unicode characters. Romanian uses a "comma below" diacritic on letters "s" and "t" ("ș" and "ț"). Before Unicode these weren't easily available so Romanian text was written using the visually similar "cedilla" diacritic on these letters instead ("ş" and "ţ"). Previously our stemmer only recognised the latter. Now it maps the cedilla forms to "comma below" as a first step. Patch from Robert Muir. * Spanish: Handle -acion like -ación and -ucion like -ución. It's apparently common to miss off accents in Spanish, and there are examples in our test vocabulary that these change helps. Proposed by Damian Janowski. * Swedish: Replace suffix "öst" with "ös" when preceded by any of 'iklnprtuv' rather than just 'l'. The new rule only requires the "öst" to be in R1 whereas previously we required all of "löst" to be. This second tweak doesn't seem to affect any words ending "löst" but it conflates a few extra cases when combined with the expanded list of preceding letters, and seems more logical linguistically (since "ös" is akin to "ous" in English). Fixes #152, reported by znakeeye. * Swedish: Remove -et/-ets in cases where it helps. Removing -et can't be done unconditionally because many words end in -et where this isn't a suffix. However it's a very common suffix so it seems worth crafting a more complex condition under which to remove. Fixes #47. * Turkish: Remove proper noun suffixes. For example, `Türkiye'dir` ("it is Turkey") is now conflated with `Türkiye` ("Turkey"). Fixes #188. * Yiddish: Avoid generating empty stem for input "גע" (not a valid word, but it's better to avoid an empty stem for any non-empty input). Optimisations to existing algorithms ------------------------------------ * General change: Use `gopast` everywhere to establish R1 and R2 as it is a little more efficient to do so. * Basque: Use an empty action rather than replacing the suffix with itself which seems clearer and is a little more efficient. * Dutch (Porter): Optimise prelude routine. * English: Remove unnecessary exception for `skis` as the algorithm stems `skis` to `ski` by itself (`skies` and `sky` do still need a special case to avoid conflation with `ski` though). * Hungarian: We no longer take digraphs into account when determining where R1 starts. This can only make a difference to the stemming if we removed a suffix that started with the last character of the digraph (or with "zs" in the case of "dzs"), and that doesn't happen for any of the suffixes we remove for any valid Hungarian words. This simplification speeds up stemming by ~2% on the current sample vocabulary list. See #216. Thanks to András Jankovics for confirming no Hungarian words are affected by this change. * Lithuanian: Remove redundant R1 check. * Nepali: Eliminate redundant check_category_2 routine. * Tamil: Optimise by using `among` instead of long `or` chains. The generated C version now takes 43% less time to processes the test vocabulary. * Tamil: Remove many cases which can't be triggered due to being handled by another case. * Tamil: Clean up some uses of `test`. * Tamil: Make `fix_va_start` simpler and faster. * Tamil: Localise use of `found_a_match` flag. * Tamil: Eliminate pointless flag changes. * Turkish: Minor optimisations. Code clarity improvements to existing algorithms ------------------------------------------------ * Stop noting dates changes were made in comments in the code - we now maintain a changelog in each algorithm's description page on the website (and the version control history provides a finer grained view). * Always use `insert` instead of `<+` as the named command seems clearer. * English: Add comments documenting motivating examples for all exceptional cases. * Lithuanian: Change to recommended latin stringdef codes. Using common codes makes it easier to work across algorithms, but they are more mnemonic so also seem clearer when just considering this one algorithm. * Serbian: Change to recommended latin stringdef codes. Using common codes makes it easier to work across algorithms, but they are more mnemonic so also seem clearer when just considering this one algorithm. * Turkish: Use `{sc}` for s-cedilla and `{i}` for dotless-i to match other uses. Compiler -------- * Generic code generation improvements: + Show Snowball source leafname in "generated" comment at start of files. + Add generic reachability tracking machinery. This facilitates various new optimisations, so far the following have been implemented: - Tail-calling - Simpler code for calling routines which always give the same signal - Simpler code when a routine ends in a integer test (this also allows eliminating an Ada-specific codegen optimisation which did something similar but only for routines which consisted *entirely* of a single integer test. - Dead code reporting and removal (only in simple cases currently) Currently this overlaps in functionality with the existing reachability tracking which is implemented on a per-language basis, and only for some languages. This reachability tracking was originally added for Java where some unreachable code is invalid and result in a compile time error, but then seems to have been copied for some other newer languages which may or may not actually need it. The approach it uses unfortunately relies on correctly updating the reachability flag anywhere in the generator code where reachability can change which has proved to be a source of bugs, some unfixed. This new approach seems better and with some more work should allow us to eliminate the older code. Fixes #83. + Omit check for `among` failing in generated code when we can tell at compile time that it can't fail. + Optimise `goto`/`gopast` applied to a grouping or inverted grouping (which is by far the most common way to use `goto`/`gopast`) for all target languages (new for Go, Java, Javascript, Pascal and Rust). + We never need to restore the cursor after `not`. If `not` turns signal `f` into `t` then it sets `c` back to its old position; otherwise, `not` signals `f` and `c` will get reset by whatever ultimately handles this `f` (or the program exits and the position of `c` no longer matters). This slightly improves the generated code for the `english` and `porter` stemmers. + Don't generate code for undefined or unused routines. + Avoid generating variable names and then not actually using them. This eliminates mysterious gaps in the numbering of variables in the generated code. + Eliminate `!`/`not` from integer test code by generating the inverse comparison operator instead for all languages, e.g. for Python we now generate if self.I_p1 >= self.I_x: instead of if not self.I_p1 < self.I_x: This isn't going to be faster in compiled languages with an optimiser but for scripting languages it may be faster, and even if not, it makes for a little less work when loading the script. + Canonicalise `hop 1` to `next` as the generated code for `next` can be slightly more efficient. This will also apply to `hop` followed by a constant expression which Snowball can reduce to `1`. + Avoid trailing whitespace in generated files. + Fix problems with --comments option: - When generating C code we would segfault for code containing `atleast`, `hop` or integer tests. - Fix missing comments for some commands in some target languages. - Fix inconsistent formatting of comments in some target languages. - Comments in C are now always on their own line - previously some were after at the end of the line and some on their own line which made them harder to follow. - Emit comments before `among` and before routine/external definitions. + Simplify more cases of numeric expressions (e.g. `x * 1` to `x`). * Improve --help output. * Division by zero during constant folding now gives an error. * For `hop` followed by an unexpected token (e.g. `hop hop`) we were already emitting a suitable error but would then segfault. * Emit error for redefinition of a grouping. * Improve errors for `define` of an undeclared name. We already peek at the next token to decide whether to try to parse as a routine or grouping. Previously we parsed as a routine if it was `as`, and a grouping otherwise, but routine definitions are more common and a grouping can only start with a literal string or a name, so now we assume a routine definition with a missing `as` if the next token isn't valid for either. * Suppress duplicate (or even triplicate) "unexpected" errors for the same token when the compiler tried to recover from the error by adjusting the parse stare and marking the token to be reparsed, but the same token then failed to parse in the new state. * Fix NULL pointer dereference if an undefined grouping is used in the definition of another grouping. * Fix mangled error for `set` or `unset` on a non-boolean: test.sbl:2: nameInvalid type 98 in name_of_type() * Emit warning if `=>` is used. The documentation of how it works doesn't match the implementation, and it seems it has only ever been used in the Schinke stemmer implementation (which assumes the implemented behaviour). We've updated the Schinke implementation to avoid it. If you're using it in your own Snowball code please let us know. * Improve errors for unterminated string literals. * Fix NULL pointer dereference on invalid code such as `$x = $y`. * If malloc fails while compiling the compiler will now report the failure and exit. Previously the NULL return from malloc wasn't checked for so we'd typically segfault. * `lenof` and `sizeof` applied to a string variable now mark the variable as used, which avoids a bogus error followed by a confusing additional message if this is the only use of that variable: lenofsizeofbug.sbl:3: warning: string 's' is set but never used Unhandled type of dead assignment via sizeof This is situation is unlikely to occur in real world code. * The reported line number for "string not terminated" error was one too high in the case where we were in a stringdef (but correct if we weren't). * Eliminate special handling for among starter. We now convert the starter to be a command before the among, adding an explict substring if there isn't one. * We now warn if the body of a `repeat` or `atleast` loop always signals `t` (meaning it will loop forever which is very undesirable for a stemming algorithm) or always signals `f` (meaning it will never loop, which seems unlikely to be what was intended). * Release memory in compiler before exit. The OS will free all allocated memory when a process exits, so this memory isn't actually leaked, but it can be annoying with when using snowball as part of a larger build process with some leak-finding tools. Patch from jsteemann in #166. * Store textual data more efficiently in memory during Snowball compilation. Previously almost all textual data was stored as 16 bit values, but most such data only uses 8 bit character values. Doubling the memory usage isn't really an issue as Snowball programs are tiny, but this also complicated code handling such data. Now only literal strings use the 16 bit values. * Fix clang -Wunused-but-set-variable warning in compiler code. * Fix a few -Wshadow warnings in compiler and enable this warning by default. * Tighten parsing of `writef()` format strings. We now error out on unrecognised escape codes or if a numbered escape is used with too high a number or a non-digit. This change reveals that the Go and Rust generators were using invalid escape ~A - the old writef() code was substituting this with just A which is what is wanted so this case was harmless but being lenient here could hide bugs, especially when copying code between generators as they don't all support the same set of format codes. Build system ------------ * Turn on Java warnings and make them errors. * Compile C code with -g by default. This makes debugging easier, and matches the default for at least some other build systems (e.g. autotools). * Fix "make clean" to remove all built Ada files. * Clean `stemtest` too. Patch from Stefano Rivera. * Add missing `COMMON_FILES` dependency to dist targets. * GNUmakefile: Tidy up and make more consistent * GNUmakefile: Make use of $* to improve speed and readability. * Use $(patsubst ...) instead of sed in .java.class rule which gives cleaner make output and is a bit more efficient. * Add `WERROR` make variable to provide a way to add `-Werror` to existing CFLAGS. libstemmer ---------- Testsuite --------- * Give a clear error if snowball-data isn't found. Fixes #196, reported by Andrea Maccis. * Handle not thinning testdata better. If THIN_FACTOR is set to 1 we no longer run gzipped test data through awk. We also now handle THIN_FACTOR being set empty as equivalent to 1 for convenience. * csharp_stemwords: Correctly handle a stemmer name containing an underscore. * csharp_stemwords: Make `-i` option optional and read from stdin if omitted, like the C version does. * csharp_stemwords: Process the input line by line which is more helpful for interactive testing, and also a little faster. * Fix Java TestApp to allow a single argument. The documented command line syntax is that you only need to specify the language and there was already code to read from stdin if no input file was specified, but at least two command line options were required. * Fix deprecation warning in TestApp.java. * Optimise TestApp.java by creating fewer objects. Patch from Robert Muir. * stemwords.py: We no longer create an empty output file if we fail to open the input file. * stemwords: Improve error message to say "Out of memory or internal error" rather than just "Out of memory". Documentation ------------- * Include "what is stemming" section in each README. * Include section on threads in each README. Based on patch for Python from dbcerigo. * Document that input should be lowercase with composed accents. See #186, reported by 1993fpale. * Add README section on building, including notes on cross-compiling. Fixes #205, reported by sin-ack. * CONTRIBUTING.rst: Clarify which charsets to list * CONTRIBUTING.rst: Add general advice section. In particular, note to use spaces-only for indentation in most cases. Thanks to Dmitry Shachnev for raising this point. * CONTRIBUTING.rst: Note that UTF-8 is OK in comments. Thanks to Dmitry Shachnev for asking. * Fix some typos. Patch from Josh Soref. * Document that our CI now uses github actions. * Update link to Greek stemmer PDF. Patch from Michael Bissett (#33). Snowball 2.2.0 (2021-11-10) =========================== New Code Generators ------------------- * Add Ada generator from Stephane Carrez (#135). Javascript ---------- * Fix generated code to use integer division rather than floating point division. Noted by David Corbett. Pascal ------ * Fix code generated for division. Previously real division was used and the generated code would fail to compile with an "Incompatible types" error. Noted by David Corbett. * Fix code generated for Snowball's `minint` and `maxint` constant. Python ------ * Python 2 is no longer actively supported, as proposed on the mailing list: https://lists.tartarus.org/pipermail/snowball-discuss/2021-August/001721.html * Fix code generated for division. Previously the Python code we generated used integer division but rounded negative fractions towards negative infinity rather than zero under Python 2, and under Python 3 used floating point division. Noted by David Corbett. Code quality Improvements ------------------------- * C/C++: Generate INT_MIN and INT_MAX directly, including <limits.h> from the generated C file if necessary, and remove the MAXINT and MININT macros from runtime/header.h. * C#: An `among` without functions is now generated as `static` and groupings are now generated as constant. Patches from James Turner in #146 and #147. Code generation improvements ---------------------------- * General: + Constant numeric subexpressions and constant numeric tests are now evaluated at Snowball compile time. + Simplify the following degnerate `loop` and `atleast` constructs where N is a compile-time constant: - loop N C where N <= 0 is a no-op. - loop N C where N == 1 is just C. - atleast N C where N <= 0 is just repeat C. If the value of N doesn't depend on the current target language, platform or Unicode settings then we also issue a warning. Behavioural changes to existing algorithms ------------------------------------------ * german2: Fix handling of `qu` to match algorithm description. Previously the implementation erroneously did `skip 2` after `qu`. We suspect this was intended to skip the `qu` but that's already been done by the substring/among matching, so it actually skips an extra two characters. The implementation has always differed in this way, but there's no good reason to skip two extra characters here so overall it seems best to change the code to match the description. This change only affects the stemming of a single word in the sample vocabulary - `quae` which seems to actually be Latin rather than German. Optimisations to existing algorithms ------------------------------------ * arabic: Handle exception cases in the among they're exceptions to. * greek: Remove unused slice setting, handle exception cases in the among they're exceptions to, and turn `substring ... among ... or substring ... among ...` into a single `substring ... among ...` in cases where it is trivial to do so. * hindi: Eliminate the need for variable `p`. * irish: Minor optimisation in setting `pV` and `p1`. * yiddish: Make use of `among` more. Compiler -------- * Fix handling of `len` and `lenof` being declared as names. For compatibility with programs written for older Snowball versions len and lenof stop being tokens if declared as names. However this code didn't work correctly if the tokeniser's name buffer needed to be enlarged to hold the token name (i.e. 3 or 5 elements respectively). * Report a clearer error if `=` is used instead of `==` in an integer test. * Replace a single entry command list with its contents in the internal syntax tree. This puts things in a more canonical form, which helps subsequent optimisations. Build system ------------ * Support building on Microsoft Windows (using mingw+msys or a similar Unix-like environment). Patch from Jannick in #129. * Split out INCLUDES from CPPFLAGS so that CPPFLAGS can now be overridden by the user if required. Fixes #148, reported by Dominique Leuenberger. * Regenerate algorithms.mk only when needed rather than on every `make` run. libstemmer ---------- * The libstemmer static library now has a `.a` extension, rather than `.o`. Patch from Michal Vasilek in #150. Testsuite --------- * stemtest: Test that numbers and numeric codes aren't damaged by any of the algorithms. Regression test for #66. Fixes #81. * ada: Fix ada tests to fail if output differs. There was an extra `| head -300` compared to other languages, which meant that the exit code of `diff` was ignored. It seems more helpful (and is more consistent) not to limit how many differences are shown so just drop this addition. * go: Stop thinning testdata. It looks like we only are because the test harness code was based on that for rust, which was based on that for javascript, which was only thinning because it was reading everything into memory and the larger vocabulary lists were resulting in out of memory issues. * javascript: Speed up stemwords.js. Process input line-by-line rather than reading the whole file into memory, splitting, iterating, and creating an array with all the output, joining and writing out a single huge string. This also means we can stop thinning the test data for javascript, which we were only doing because the huge arabic test data file was causing out of memory errors. Also drop the -p option, which isn't useful here and complicates the code. * rust: Turn on optimisation in the makefile rather than the CI config. This makes the tests run in about 1/5 of the time and there's really no reason to be thinning the testdata for rust. Documentation ------------- * CONTRIBUTING.rst: Improve documentation for adding a new stemming algorithm. * Improve wording of Python docs.

1.6.1 (2025-03-25) * Performed further work on Diff::LCS::Ldiff improvements (#46) and resolve several thread safety issues cleanly by making it a class. #129 * Restructure the project to be more consistent with the rest of the projects that I manage. * Increased GitHub action security. * Added trusted publishing for fully automated releases. 1.6.2 (2025-05-12) * Handle upcoming changes to the cgi gem in Ruby 3.5 (#147) * Fix issues found with htmldiff in Ruby 1.8 (which is used approximately never, since the code change which broke Ruby 1.8 was made 6 years ago). #148 * Fixed some standardrb formatting and configuration issues.

- fix alpha_dec template variable #97 (0081380d74) - add unlimited recursive, but can be controled with max_depth on templates that are directories by default #129 (0dad75b717) - cache internal structure (4b9dfdd98c) which benefits reusability and, thus, speed in situations when you don't change the backend, or only change the palette. - add new template variables for displaying colors with rgb decimals #176 ++ a lot of internal changes.. ++ - colorspaces internal refactors and upgrades (0838839082), (feb8e3c60b), (80f59115d2), (80caaf70dc) * make lch work with lover contrast images (fda444c3b9) - backends kmeans: new internal defaults (d36d2ff180)

@momo-trip

See the following release page about the current project status: https://github.com/saitoha/libsixel/releases/tag/v1.8.7 Upstream changes (from NEWS): ------------------------------ What's new in libsixel-1.8.7 ------------------------------ for a comprehensive view of security-fix progress, see the page below saitoha/libsixel#203 * fix invalid pointer access in encoder.c (#193, #195) Thanks to @momo-trip, @akinomyoga * fix wrong HLS to RGB conversion. (#191) Thanks to @gnachman, @j4james * fix NULL pointer dereference problem in img2sixel.c (#192) Thanks to @momo-trip, @akinomyoga * fix double free problem in encoder.c (#194) Thanks to @momo-trip * Serucity fix for #200, heap buffer overflow in debug palette function. Thanks to @err2zero * add EXTRA_DIST for LICENSE files (#129) Thanks to @ttdoda * Travis-ci: added support for ppc64le (#140) Thanks to @dthadi3 * export sixel_allocator_new to dll (#151) Thanks to @johnnychen94 * README: Add Idris 2 language bindings (#155) Thanks to @Kaiepi * performance: If width and height are unchanged, nothing to do. (#170) Thanks to @rokuyama * README: add MacPorts to install options (#183) Thanks to @barracuda156 * fix for bash completion (#189) Thanks to @rcorre * Add backport feature (nanosleep) for windows, github actions CI (#202) Thanks to @Kreijstal * README: update NixOS link (#204) Thanks to @max-amb * build: Remove override of $LIBJPEG_CFLAGS and $LIBJPEG_LIBS set by PKG_CHECK_MODULES() * fix Problems with the dithering palette calculation (#188) Thanks to @gnachman, @j4james * fix SEGV error in sixel_encoder_setopt (#174) Thanks to @shinibufa , @j4james * curl: send original UserAgent header: "libsixel/${LIBSIXEL_VERSION}" * fix heap-buffer-overflow in error_diffuse, quant.c:876 #172 Thanks to @waugustus * fix Heap-buffer-overflow in scale.c:214 #179 Thanks to @chameleon10712, @j4james * build: fallback support for environments without pkg-config. * fix double-free problem in loader.c (#150) Thanks to @duytai, @ctrlcctrlv * fix an assertion issue in stbi__create_png_image_raw (#163) Thanks to @kdsjZh, @dankamongmen * Update stb_image.h from upstream to version 2.30 THanks to @hzeller * Update examples/drawing: add SGR-Pixels mode * fix a problem on monochromatic encoded (-e) output (#112) Thanks to @interkosmos, @j4james * fix a FPE issue (#166, #167) Thanks to @waugustus, @j4james * cli: fix a scaling issue introduced in v1.6.1, which is caused when one of -w/-h is a percentage and the other is unset or "auto" * fix a memory leak ploblem (#164) Thanks to @muetzenmann, @j4james

ricardobranco777 force-pushed the xhash branch from 13bf022 to a80cb5c Compare February 26, 2024 17:42

Add security/xhash

b1d9890

ricardobranco777 force-pushed the xhash branch from a80cb5c to b1d9890 Compare February 27, 2024 17:23

netbsd-srcmastr closed this in c91be8e Mar 3, 2024

ricardobranco777 deleted the xhash branch March 3, 2024 21:27

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add security/xhash #129

Add security/xhash #129

Uh oh!

ricardobranco777 commented Feb 26, 2024

Uh oh!

Uh oh!

Add security/xhash #129

Add security/xhash #129

Uh oh!

Conversation

ricardobranco777 commented Feb 26, 2024

Uh oh!

Uh oh!