zino: update to version 2.5.1.
Pkgsrc changes:
* version-bump + checksums + PLIST update.
* Require 0.2.1 of py-netsnmp-cffi.
Upstream changes:
- Add `zping` CLI utility to check if a Zino daemon is alive by
querying its SNMP agent for uptime.
([#528](https://github.com/Uninett/zino/issues/528))
- Configuration errors in `zino.toml` now report the underlying
parser message (with line and column) for syntax errors, and
friendlier messages â<80><94> including key suggestions â<80><94>
for validation errors. ([#539](https://github.com/Uninett/zino/issues/539))
- Single-interface link state verification no longer crashes with
an `AssertionError` when the target interface has disappeared from
[13 lines not shown]
Reject and normalize non-colon NIC MAC addresses
## Problem
A custom NIC MAC entered with dash, no-separator, or mixed separators (e.g. `10-66-6A-1F-F1-B1`) passed the permissive `mac` pattern but libvirt's `defineXML` only parses colon-separated MACs, so the container/VM saved fine and then failed to start with `XML error: unable to parse mac address`. The colon-only `MACAddr(separator=':')` guard the VM plugin used through electriceel was dropped when devices moved to the pydantic models at fangtooth, and containers (26.0+) never had it, so these values can already be sitting in `vm_device` and `container_device`.
## Solution
- Tightened the shared `MACAddress` type to colon-only with a clear message, and switched the v27 VM and Container NIC `mac` fields to use it (removing the duplicated permissive inline pattern). Frozen API versions are left as-is.
- Added a migration that normalizes existing NIC MACs in both `vm_device` and `container_device` to libvirt's canonical lowercase colon form, regenerating the rare value that isn't a real MAC. This is required because `*.device.query` re-validates rows through the model, so an un-normalized non-colon MAC would otherwise make `query` fail once the pattern is tightened. Normalization preserves the user's intended address and heals instances that were stuck failing to start.
Mark LastEpilogIdx as maybe_unused (#204857)
#203108 added a variable which is read only in debug builds, so we are
seeing warning in release builds without asserts.
Convert SSH plugin to typesafe pattern
## Context
Migrates the `ssh` plugin from the legacy dict-based `SystemServiceService` to the typesafe pattern, matching the `ups`/`ftp` shape.
## Solution
Split the single `ssh.py` into a package: a lean `SSHService` (`generic = True`) in `__init__.py` delegating to `SSHServicePart` in `config.py`, with the host-key helpers moved to plain functions in `keys.py`. `config`/`update` now return the `SSHEntry` Pydantic model in-process, so every internal consumer was updated: the `sshd_config` mako and the SSH `config.py` renderer `.model_dump()` the model at the top, and the in-process callers (`keychain`, `failover` nftables, the `service_` start/reload hooks, and the plugin's own `setup()`) were switched from string `middleware.call('ssh.…')` to typed `call2`/`call_sync2`. The only remaining string call is `etc.py`'s dynamic `CtxMethod` dispatch, which has no static method handle. Registered the service in `main.py` and added the package to the mypy workflow.
py-netsnmp-cffi: upgrade to version 0.2.1.
Pkgsrc changes:
* Version + checksum updates.
Upstream changes:
Fixed
* Fix ffi.error from a size mismatch between the cdef and the
real C layout of struct enum_list, by marking the cdef declaration
as flexible. The mismatch caused crashes on platforms where
CFFI verifies struct sizes against the C compiler (e.g.
NetBSD/pkgsrc builds of net-snmp), any time MIB enumerations
were looked up. (#23)
Added
* Test suite now also tests on Python 3.13 and 3.14.
* Wheel build/publish process also builds wheels for Python 3.13 and 3.14.
[flang][OpenMP] Scope-qualify user-defined reduction names in lowering (#202474)
A named !$omp declare reduction was lowered to an omp.declare_reduction
operation whose symbol name was just the bare reduction name (e.g.
`@a`), without any scope qualification. Semantic name resolution was
correct and gave each scope its own reduction symbol, but lowering
deduplicates the declare reduction op by name, so two subroutines that
declared a reduction with the same name collapsed onto a single op.
As a result, a reduction(name:var) clause could bind to a declaration
that leaked in from a different scope.
Per OpenMP 6.0 7.6.14, a user-defined reduction has the same visibility
and accessibility as a variable declared at the same location.
Qualify the generated op name with the scope in which the reduction is
declared using mangleName, the same approach already used for
omp.private and declare mapper. This is applied consistently when the op
is created, when a clause references it, and when its existence is
[2 lines not shown]
[flang][OpenMP] Emit warning that REVERSE_OFFLOAD is not supported (#204647)
Right now we quietly ignore it, whereas the OpenMP spec mandates a
compilation error for requirements that the implementation does not
support.
The REVERSE_OFFLOAD was not causing a compilation error to allow testing
of incremental implementation improvements, but we should at least warn
about not supporting it.
clang/AMDGPU: Fix double linking opencl libs with --libclc-lib
Noticed by inspection. If using an explicit --libclc-lib flag,
do not attempt to also link the rocm device libs which will contain
different implementations of the same opencl symbols.
Co-Authored-By: Claude <noreply at anthropic.com>
