Update submodules from pool/perl-Perl-Tidy#1 and create patchinfo.20260129102824525983.93181000773252/_patchinfo

PR: products/PackageHub!364

.gitmodules

@@ -26242,7 +26242,3 @@
 	path = openQA-devel-container
 	url =  ../../pool/openQA-devel-container
 	branch = leap-16.0
-[submodule "doomsday"]
-	path = doomsday
-	url = ../../pool/doomsday
-	branch = leap-16.0

patchinfo.20260119134919947913.93181000773252/_patchinfo

@@ -0,0 +1,79 @@
+<patchinfo incident="packagehub-90">
+  <packager>gbazzotti</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for micro-editor</summary>
+  <description>This update for micro-editor fixes the following issues:
+
+Changes in micro-editor:
+
+- Update to version 2.0.15:
+  * truecolor (supersedes the MICRO_TRUECOLOR environment variable)
+  * showchars (deprecates indentchar)
+  * lockbindings for completely disallowing plugins to modify keybindings
+  * helpsplit for changing default split type for the help command
+  * pageoverlap for setting number of lines kept during page up/page down
+  * Added FirstTab, LastTab, FirstSplit and LastSplit commands
+  * SkipMultiCursorBack as a counterpart to SkipMultiCursor
+  * CursorToViewTop, CursorToViewCenter, CursorToViewBottom
+  * Duplicate for duplicating the selection only, not the whole line
+  * Plugins never write to settings.json or bindings.json anymore
+  * Add onBufferOptionChanged callback
+  * Add SpawnCursorAtLoc()
+  * Expose bufpane's DoubleClick and TripleClick to plugins
+  * Pass mouse info to {on,pre}MouseXXX callbacks
+  * Support goto statement from Lua 5.2
+  * Various Syntax Highlighting improvements
+
+- Update to version 2.0.14:
+  * matchbracestyle to choose whether to underline or highlight matching braces
+  * matchbraceleft to choose whether to match brace to the left of the cursor
+  * hltrailingws to highlight trailing whitespace
+  * hltaberrors to highlight tab vs space inconsistencies
+  * Add jump command to perform a relative goto
+  * Add sub-word movement actions and improve word movements
+  * Add paragraph selection actions and improve paragraph movements
+  * Make Shift-PageUp/Down the default keybindings for SelectPageUp/Down
+  * Add signatures support to improve filetype detection in ambiguous cases
+  * Provide default.yaml for default syntax highlighting
+  * Improvements in syntax highlighting for various languages
+  * More generic support for mouse events handling
+  * Add mouse release and mouse drag events
+  * Make MouseMultiCursor toggle cursors
+  * Better support for handling mouse events in lua
+  * Better API for lua timers
+  * Add onAnyEvent callback
+  * Allow colorschemes to include other colorschemes
+  * Give user's files in ~/.config/micro/ precedence over micro's built-in
+    files
+  * Respect umask when creating files
+  * Smarter smartpaste
+  * Make default fileformat value suited to the OS
+  * Improve buffer view relocation after jumping to a far-away location
+  * Improve return values of some actions for better action chaining
+  * Autocomplete filetypes
+  * Allow raw escape sequence to be bound with bind
+  * Various small improvements
+  * Fix various crashes
+  * Fix micro killed by SIGINT sent to its shell job
+  * Various fixes for setting local options
+  * Various fixes for reloading settings via reload command
+  * Various fixes for updating settings after changing filetype
+  * Fix unneeded rewriting of settings.json
+  * Fix overwriting persistent non-default settings in settings.json with
+    temporary default settings
+  * Don't apply rmtrailingws on autosave
+  * Don't autosave unmodified buffer
+  * Properly update autosave timer when the autosave option value changes
+  * Fix opening filenames including colons with parsecursor
+  * Fix replace to be able to insert '$'
+  * Fix cursor moving to an unexpected location after a redo
+  * Make cursor movements after selection consistent
+  * Fix incorrect buffer view after reloading file
+  * Fix lost mouse release events in case the pane becomes inactive
+  * Add proper locking to LineArray to fix potential races
+  * Cleanup indentation and trailing whitespace
+  * Improve plugin documentation
+</description>
+  <package>micro-editor</package>
+</patchinfo>

patchinfo.20260119135010553480.93181000773252/_patchinfo

@@ -0,0 +1,43 @@
+<patchinfo incident="packagehub-94">
+  <packager>os-autoinst-obs-workflow</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for openQA, os-autoinst, openQA-devel-container</summary>
+  <description>This update for openQA, os-autoinst, openQA-devel-container fixes the following issues:
+
+Changes in openQA:
+
+Fri Jan 16 20:30:53 UTC 2026 - okurz@suse.com
+
+- Update to version 5.1768564451.45d5d5b2:
+  * feat: optionally configure fake auth key+secret+expiration
+  * OpenSuseIssueReporter: Avoid multiple push calls
+  * unit_tests: Add unit tests for OpenSuseBugzillaUtils
+  * unit_tests: Adapt the UI tests to the new kernel bug button
+  * plugins: Introduce OpenSuseIssueReporter for external issue reporting
+
+Changes in os-autoinst:
+
+Fri Jan 16 20:43:12 UTC 2026 - okurz@suse.com
+- Update to version 5.1768577300.b85e486:
+  * fix(dist): provide proper copyright headers in all spec-files
+  * fix(dist): try to fix os-autoinst-obs-auto-submit reverting content
+
+Changes in openQA-devel-container:
+
+Fri Jan 16 20:41:22 UTC 2026 - okurz@suse.de
+
+- Update to version 5.1768564451.45d5d5b2e:
+  * Update to latest openQA version
+</description>
+  <package>openQA</package>
+  <package>openQA:openQA-devel-test</package>
+  <package>openQA:openQA-test</package>
+  <package>openQA:openQA-worker-test</package>
+  <package>openQA:openQA-client-test</package>
+  <package>os-autoinst</package>
+  <package>os-autoinst:os-autoinst-test</package>
+  <package>os-autoinst:os-autoinst-devel-test</package>
+  <package>os-autoinst:os-autoinst-openvswitch-test</package>
+  <package>openQA-devel-container</package>
+</patchinfo>

patchinfo.20260120154940279982.93181000773252/_patchinfo

@@ -0,0 +1,222 @@
+<patchinfo incident="packagehub-87">
+  <issue tracker="cve" id="2025-68156"/>
+  <issue tracker="cve" id="2025-68161"/>
+  <issue tracker="cve" id="2024-51744"/>
+  <issue tracker="bnc" id="1239728">VUL-0: CVE-2025-29786: coredns: github.com/expr-lang/expr: memory exhaustion when unbounded input string is processed by Expr expression parser</issue>
+  <issue tracker="bnc" id="1256411">VUL-0: CVE-2025-68151: coredns: coredns: lack of resource-limiting controls in multiple CoreDNS server implementations allows an unauthenticated remote attacker to exhaust memory and crash the server</issue>
+  <issue tracker="bnc" id="1239294">VUL-0: CVE-2025-22868: coredns: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2</issue>
+  <issue tracker="cve" id="2025-58063"/>
+  <issue tracker="bnc" id="1249389">VUL-0: CVE-2025-58063: coredns: CoreDNS Lease ID Confusion</issue>
+  <issue tracker="bnc" id="1255345">VUL-0: CVE-2025-68156: coredns: github.com/expr-lang/expr/builtin: uncontrolled recursion in expression evaluation can cause a denial of service</issue>
+  <packager>amanzini</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for coredns</summary>
+  <description>This update for coredns fixes the following issues:
+
+Changes in coredns:
+
+- fix CVE-2025-68156 bsc#1255345
+- fix CVE-2025-68161 bsc#1256411
+- Update to version 1.14.0:
+  * core: Fix gosec G115 integer overflow warnings
+  * core: Add regex length limit
+  * plugin/azure: Fix slice init length
+  * plugin/errors: Add optional show_first flag to consolidate directive
+  * plugin/file: Fix for misleading SOA parser warnings
+  * plugin/kubernetes: Rate limits to api server
+  * plugin/metrics: Implement plugin chain tracking
+  * plugin/sign: Report parser err before missing SOA
+  * build(deps): bump github.com/expr-lang/expr from 1.17.6 to 1.17.7
+
+- Update to version 1.13.2:
+  * core: Add basic support for DoH3
+  * core: Avoid proxy unnecessary alloc in Yield
+  * core: Fix usage of sync.Pool to save an alloc
+  * core: Fix data race with sync.RWMutex for uniq
+  * core: Prevent QUIC reload panic by lazily initializing the listener
+  * core: Refactor/use reflect.TypeFor
+  * plugin/auto: Limit regex length
+  * plugin/cache: Remove superfluous allocations in item.toMsg
+  * plugin/cache: Isolate metadata in prefetch goroutine
+  * plugin/cache: Correct spelling of MaximumDefaultTTL in cache and dnsutil
+    packages
+  * plugin/dnstap: Better error handling (redial &amp; logging) when Dnstap is busy
+  * plugin/file: Performance finetuning
+  * plugin/forward: Disallow NOERROR in failover
+  * plugin/forward: Added support for per-nameserver TLS SNI
+  * plugin/forward: Prevent busy loop on connection err
+  * plugin/forward: Add max connect attempts knob
+  * plugin/geoip: Add ASN schema support
+  * plugin/geoip: Add support for subdivisions
+  * plugin/kubernetes: Fix kubernetes plugin logging
+  * plugin/multisocket: Cap num sockets to prevent OOM
+  * plugin/nomad: Support service filtering
+  * plugin/rewrite: Pre-compile CNAME rewrite regexp
+  * plugin/secondary: Fix reload causing secondary plugin goroutine to leak
+
+- Update to version 1.13.1:
+  * core: Avoid string concatenation in loops
+  * core: Update golang to 1.25.2 and golang.org/x/net to v0.45.0 on CVE fixes
+  * plugin/sign: Reject invalid UTF‑8 dbfile token
+
+- Update to version 1.13.0:
+  * core: Export timeout values in dnsserver.Server
+  * core: Fix Corefile infinite loop on unclosed braces
+  * core: Fix Corefile related import cycle issue
+  * core: Normalize panics on invalid origins
+  * core: Rely on dns.Server.ShutdownContext to gracefully stop
+  * plugin/dnstap: Add bounds for plugin args
+  * plugin/file: Fix data race in tree Elem.Name
+  * plugin/forward: No failover to next upstream when receiving SERVFAIL or
+    REFUSED response codes
+  * plugin/grpc: Enforce DNS message size limits
+  * plugin/loop: Prevent panic when ListenHosts is empty
+  * plugin/loop: Avoid panic on invalid server block
+  * plugin/nomad: Add a Nomad plugin
+  * plugin/reload: Prevent SIGTERM/reload deadlock
+
+- fix CVE-2025-58063 bsc#1249389
+- Update to version 1.12.4:
+  * bump deps
+  * fix(transfer): goroutine leak on axfr err (#7516)
+  * plugin/etcd: fix import order for ttl test (#7515)
+  * fix(grpc): check proxy list length in policies (#7512)
+  * fix(https): propagate HTTP request context (#7491)
+  * fix(plugin): guard nil lookups across plugins (#7494)
+  * lint: add missing prealloc to backend lookup test (#7510)
+  * fix(grpc): span leak on error attempt (#7487)
+  * test(plugin): improve backend lookup coverage (#7496)
+  * lint: enable prealloc (#7493)
+  * lint: enable durationcheck (#7492)
+  * Add Sophotech to adopters list (#7495)
+  * plugin: Use %w to wrap user error (#7489)
+  * fix(metrics): add timeouts to metrics HTTP server (#7469)
+  * chore(ci): restrict token permissions (#7470)
+  * chore(ci): pin workflow dependencies (#7471)
+  * fix(forward): use netip package for parsing (#7472)
+  * test(plugin): improve test coverage for pprof (#7473)
+  * build(deps): bump github.com/go-viper/mapstructure/v2 (#7468)
+  * plugin/file: fix label offset problem in ClosestEncloser (#7465)
+  * feat(trace): migrate dd-trace-go v1 to v2 (#7466)
+  * test(multisocket): deflake restart by using a fresh port and coordinated cleanup (#7438)
+  * chore: update Go version to 1.24.6 (#7437)
+  * plugin/header: Remove deprecated syntax (#7436)
+  * plugin/loadbalance: support prefer option (#7433)
+  * Improve caddy.GracefulServer conformance checks (#7416)
+
+- Update to version 1.12.3:
+  * chore: Minor changes to `Dockerfile` (#7428)
+  * Properly create hostname from IPv6 (#7431)
+  * Bump deps
+  * fix: handle cached connection closure in forward plugin (#7427)
+  * plugin/test: fix TXT record comparison for multi-chunk vs multiple records
+  * plugin/file: preserve case in SRV record names and targets per RFC 6763
+  * fix(auto/file): return REFUSED when no next plugin is available (#7381)
+  * Port to AWS Go SDK v2 (#6588)
+  * fix(cache): data race when refreshing cached messages (#7398)
+  * fix(cache): data race when updating the TTL of cached messages (#7397)
+  * chore: fix docs incompatibility (#7390)
+  * plugin/rewrite: Add EDNS0 Unset Action (#7380)
+  * add args: startup_timeout for kubernetes plugin (#7068)
+  * [plugin/cache] create a copy of a response to ensure original data is never
+     modified
+  * Add support for fallthrough to the grpc plugin (#7359)
+  * view: Add IPv6 example match (#7355)
+  * chore: enable more rules from revive (#7352)
+  * chore: enable early-return and superfluous-else from revive (#7129)
+  * test(plugin): improve tests for auto (#7348)
+  * fix(proxy): flaky dial tests (#7349)
+  * test: add t.Helper() calls to test helper functions (#7351)
+  * fix(kubernetes): multicluster DNS race condition (#7350)
+  * lint: enable wastedassign linter (#7340)
+  * test(plugin): add tests for any (#7341)
+  * Actually invoke make release -f Makefile.release during test (#7338)
+  * Keep golang to 1.24.2 due to build issues in 1.24.3 (#7337)
+  * lint: enable protogetter linter (#7336)
+  * lint: enable nolintlint linter (#7332)
+  * fix: missing intrange lint fix (#7333)
+  * perf(kubernetes): optimize AutoPath slice allocation (#7323)
+  * lint: enable intrange linter (#7331)
+  * feat(plugin/file): fallthrough (#7327)
+  * lint: enable canonicalheader linter (#7330)
+  * fix(proxy): avoid Dial hang after Transport stopped (#7321)
+  * test(plugin): add tests for pkg/rand (#7320)
+  * test(dnsserver): add unit tests for gRPC and QUIC servers (#7319)
+  * fix: loop variable capture and linter (#7328)
+  * lint: enable usetesting linter (#7322)
+  * test: skip certain network-specific tests on non-Linux (#7318)
+  * test(dnsserver): improve core/dnsserver test coverage (#7317)
+  * fix(metrics): preserve request size from plugins (#7313)
+  * fix: ensure DNS query name reset in plugin.NS error path (#7142)
+  * feat: enable plugins via environment during build (#7310)
+  * fix(plugin/bind): remove zone for link-local IPv4 (#7295)
+  * test(request): improve coverage across package (#7307)
+  * test(coremain): Add unit tests (#7308)
+  * ci(test-e2e): add Go version setup to workflow (#7309)
+  * kubernetes: add multicluster support (#7266)
+  * chore: Add new maintainer thevilledev (#7298)
+  * Update golangci-lint (#7294)
+  * feat: limit concurrent DoQ streams and goroutines (#7296)
+  * docs: add man page for multisocket plugin (#7297)
+  * Prepare for the k8s api upgrade (#7293)
+  * fix(rewrite): truncated upstream response (#7277)
+  * fix(plugin/secondary): make transfer property mandatory (#7249)
+  * plugin/bind: remove macOS bug mention in docs (#7250)
+  * Remove `?bla=foo:443` for `POST` DoH (#7257)
+  * Do not interrupt querying readiness probes for plugins (#6975)
+  * Added `SetProxyOptions` function for `forward` plugin (#7229)
+
+-  Backported quic-go PR #5094: Fix parsing of ifindex from packets
+   to ensure compatibility with big-endian architectures
+   (see quic-go/quic-go#4978, coredns/coredns#6682).
+
+- Update to version 1.12.1:
+  * core: Increase CNAME lookup limit from 7 to 10 (#7153)
+  * plugin/kubernetes: Fix handling of pods having DeletionTimestamp set
+  * plugin/kubernetes: Revert "only create PTR records for endpoints with
+    hostname defined"
+  * plugin/forward: added option failfast_all_unhealthy_upstreams to return
+    servfail if all upstreams are down
+  * bump dependencies, fixing bsc#1239294 and bsc#1239728
+
+- Update to version 1.12.0:
+  * New multisocket plugin - allows CoreDNS to listen on multiple sockets
+  * bump deps
+
+- Update to version 1.11.4:
+  * forward plugin: new option next, to try alternate upstreams when receiving
+    specified response codes upstreams on (functions like the external plugin
+    alternate)
+  * dnssec plugin: new option to load keys from AWS Secrets Manager
+  * rewrite plugin: new option to revert EDNS0 option rewrites in responses
+
+- Update to version 1.11.3+git129.387f34d:
+  * fix CVE-2024-51744 (https://bugzilla.suse.com/show_bug.cgi?id=1232991)
+    build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 (#6955)
+  * core: set cache-control max-age as integer, not float (#6764)
+  * Issue-6671: Fixed the order of plugins. (#6729)
+  * `root`: explicit mark `dnssec` support (#6753)
+  * feat: dnssec load keys from AWS Secrets Manager (#6618)
+  * fuzzing: fix broken oss-fuzz build (#6880)
+  * Replace k8s.io/utils/strings/slices by Go stdlib slices (#6863)
+  * Update .go-version to 1.23.2 (#6920)
+  * plugin/rewrite: Add "revert" parameter for EDNS0 options (#6893)
+  * Added OpenSSF Scorecard Badge (#6738)
+  * fix(cwd): Restored backwards compatibility of Current Workdir (#6731)
+  * fix: plugin/auto: call OnShutdown() for each zone at its own OnShutdown() (#6705)
+  * feature: log queue and buffer memory size configuration (#6591)
+  * plugin/bind: add zone for link-local IPv6 instead of skipping (#6547)
+  * only create PTR records for endpoints with hostname defined (#6898)
+  * fix: reverter should execute the reversion in reversed order (#6872)
+  * plugin/etcd: fix etcd connection leakage when reload (#6646)
+  * kubernetes: Add useragent (#6484)
+  * Update build (#6836)
+  * Update grpc library use (#6826)
+  * Bump go version from 1.21.11 to 1.21.12 (#6800)
+  * Upgrade antonmedv/expr to expr-lang/expr (#6814)
+  * hosts: add hostsfile as label for coredns_hosts_entries (#6801)
+  * fix TestCorefile1 panic for nil handling (#6802)
+</description>
+  <package>coredns</package>
+</patchinfo>

patchinfo.20260120155333040130.93181000773252/_patchinfo

@@ -0,0 +1,32 @@
+<patchinfo incident="packagehub-96">
+  <issue tracker="cve" id="2026-22772"/>
+  <issue tracker="bnc" id="1256546">VUL-0: CVE-2025-47911: TRACKERBUG: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents</issue>
+  <packager>dirkmueller</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for hauler</summary>
+  <description>This update for hauler fixes the following issues:
+
+Changes in hauler:
+
+- Update to version 1.4.1 (bsc#1256546, CVE-2026-22772):
+  * fixed typos for containerd imports (#493)
+  * fix and support containerd imports of `hauls` (#492)
+  * bump github.com/sigstore/fulcio (#489)
+
+- Update to version 1.4.0:
+  * added/updated logging for `serve` and `remove` (#487)
+  * added/fixed helm chart images/dependencies features (#485)
+  * more experimental feature updates (#486)
+  * add experimental notes (#483)
+  * updated tempdir flag to store persistent flags (#484)
+  * delete artifacts from store (#473)
+  * path rewrites (#475)
+  * updated/fixed workflow dependency versions (#478)
+
+- Update to version 1.3.2:
+  * bump to latest cosign fork release (#481)
+  * Bump golang.org/x/crypto in the go_modules group across 1 directory (#476)
+</description>
+  <package>hauler</package>
+</patchinfo>

patchinfo.20260121084311542237.93181000773252/_patchinfo

@@ -0,0 +1,19 @@
+<patchinfo incident="packagehub-91">
+  <issue tracker="cve" id="2026-1220"/>
+  <issue tracker="bnc" id="1257011">VUL-0: CVE-2026-1220: chromium: Race in V8 (update to 144.0.7559.96)</issue>
+  <issue tracker="bnc" id="1256938">Chromium icon missing in Gnome on Leap 16</issue>
+  <packager>AndreasStieger</packager>
+  <rating>moderate</rating>
+  <category>security</category>
+  <summary>Security update for chromium</summary>
+  <description>This update for chromium fixes the following issues:
+
+Changes in chromium:
+
+- Chromium 144.0.7559.96 (boo#1257011)
+  * CVE-2026-1220: Race in V8
+
+- update INSTALL.sh to handle the addded tags in the desktop file (boo#1256938)
+</description>
+  <package>chromium</package>
+</patchinfo>

patchinfo.20260121084629327942.93181000773252/_patchinfo

@@ -0,0 +1,28 @@
+<patchinfo incident="packagehub-92">
+  <packager>AndreasStieger</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for minisign</summary>
+  <description>This update for minisign fixes the following issues:
+
+Changes in minisign:
+
+- Bugfix:
+  * bugfix: duplicate command-line arguments [7dfdb3c]
+
+- Security fix: [gpg.fail/trustcomment]
+  * Trusted comment injection (minisign) [6c59875]
+  * trim(): only trim trailing \r\n, reject straight \r characters
+
+- Security fix: [gpg.fail/minisign]
+  * Trusted comment injection (minisign) [a10dc92]
+  * Bail out if the signature file contains unprintable characters
+
+- Update to version 0.12
+  * Libsodium is now an optional dependency. When using the Zig
+    toolchain to compile Minisign, you can specify the
+    -Dwithout-libsodium flag to build and run without libsodium.
+  * Key identifiers are now zero-padded when printed.
+</description>
+  <package>minisign</package>
+</patchinfo>

patchinfo.20260121084821180176.93181000773252/_patchinfo

@@ -0,0 +1,24 @@
+<patchinfo incident="packagehub-88">
+  <issue tracker="cve" id="2025-14422"/>
+  <issue tracker="cve" id="2025-14423"/>
+  <issue tracker="bnc" id="1255293">VUL-0: CVE-2025-14422: gimp: PNM File Parsing Integer Overflow Remote Code Execution Vulnerability</issue>
+  <issue tracker="bnc" id="1255296">VUL-0: CVE-2025-14425: gimp: JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability</issue>
+  <issue tracker="cve" id="2025-14425"/>
+  <issue tracker="bnc" id="1255295">VUL-0: CVE-2025-14424: gimp: XCF File Parsing Use-After-Free Remote Code Execution Vulnerability</issue>
+  <issue tracker="bnc" id="1255294">VUL-0: CVE-2025-14423: gimp: LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability</issue>
+  <issue tracker="cve" id="2025-14424"/>
+  <packager>mgorse</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for gimp</summary>
+  <description>This update for gimp fixes the following issues:
+
+Changes in gimp:
+
+- CVE-2025-14422: Fixed PNM File Parsing Integer Overflow (bsc#1255293)
+- CVE-2025-14423: Fixed LBM File Parsing Stack-based Buffer Overflow (bsc#1255294)
+- CVE-2025-14424: Fixed XCF File Parsing Use-After-Free (bsc#1255295)
+- CVE-2025-14425: Fixed JP2 File Parsing Heap-based Buffer Overflow(bsc#1255296)
+</description>
+  <package>gimp</package>
+</patchinfo>

patchinfo.20260121120556714095.93181000773252/_patchinfo

@@ -0,0 +1,132 @@
+<patchinfo incident="packagehub-89">
+  <packager>manfred-h</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for helmfile</summary>
+  <description>This update for helmfile fixes the following issues:
+
+Changes in helmfile:
+
+- Update to version 1.2.3:
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/config from
+    1.32.2 to 1.32.3 by @dependabot[bot] in #2308
+  * build(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2
+    by @dependabot[bot] in #2310
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from
+    1.92.1 to 1.93.0 by @dependabot[bot] in #2307
+  * Add parameter to render helmfile as go template without .gotmpl
+    extension by @ronaldour in #2312
+  * build(deps): bump golang.org/x/sync from 0.18.0 to 0.19.0 by
+    @dependabot[bot] in #2315
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from
+    1.93.0 to 1.93.2 by @dependabot[bot] in #2323
+  * build(deps): bump k8s.io/apimachinery from 0.34.2 to 0.34.3
+    by @dependabot[bot] in #2322
+  * build(deps): bump golang.org/x/term from 0.37.0 to 0.38.0 by
+    @dependabot[bot] in #2317
+  * build(deps): bump k8s.io/client-go from 0.34.2 to 0.34.3 by
+    @dependabot[bot] in #2321
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/config from
+    1.32.3 to 1.32.5 by @dependabot[bot] in #2320
+  * build(deps): bump helm.sh/helm/v3 from 3.19.2 to 3.19.3 by
+    @dependabot[bot] in #2325
+  * build(deps): bump helm.sh/helm/v4 from 4.0.1 to 4.0.2 by
+    @dependabot[bot] in #2326
+  * build(deps): bump actions/upload-artifact from 5 to 6 by
+    @dependabot[bot] in #2331
+  * build(deps): bump helm.sh/helm/v3 from 3.19.3 to 3.19.4 by
+    @dependabot[bot] in #2328
+  * build(deps): bump actions/download-artifact from 6 to 7 by
+    @dependabot[bot] in #2332
+  * build(deps): bump dessant/lock-threads from 5 to 6 by
+    @dependabot[bot] in #2330
+  * build(deps): bump helm.sh/helm/v4 from 4.0.3 to 4.0.4 by
+    @dependabot[bot] in #2329
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3
+    from 1.93.2 to 1.94.0 by @dependabot[bot] in #2333
+  * bump helm version to 4.0.4 by @yxxhero in #2335
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/config from
+    1.32.5 to 1.32.6 by @dependabot[bot] in #2336
+  * build(deps): bump github.com/zclconf/go-cty-yaml from 1.1.0
+    to 1.2.0 by @dependabot[bot] in #2340
+  * build(deps): bump k8s.io/client-go from 0.34.3 to 0.35.0 by
+    @dependabot[bot] in #2338
+  * fix: rewrite relative file:// chart dependencies to absolute
+    paths by @sstarcher in #2334
+
+- Update to version 1.2.2:
+  * Fix AWS SDK debug logging by making it configurable (issue
+    #2270) by @aditmeno in #2290
+  * test: add integration test for issue #2291 (CRD preservation
+    with strategicMergePatches) by @aditmeno in #2292
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/config from
+    1.32.1 to 1.32.2 by @dependabot[bot] in #2300
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3
+    from 1.92.0 to 1.92.1 by @dependabot[bot] in #2299
+  * fix: resolve issues #2295, #2296, and #2297 by @aditmeno
+    in #2298
+  * build(deps): update Helm v4 to 4.0.1 and helm-secrets to
+    4.7.4 by @aditmeno in #2304
+  * feat: add print-env command by @dschmidt in #2279
+
+- Update to version 1.2.1:
+  * build(deps): bump azure/setup-helm from 4.3.0 to 4.3.1 by
+    @dependabot[bot] in #2274
+  * build(deps): bump github.com/helmfile/vals from 0.42.4 to
+    0.42.5 by @dependabot[bot] in #2272
+  * build(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0
+    by @dependabot[bot] in #2277
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from
+    1.90.2 to 1.91.1 by @dependabot[bot] in #2284
+  * Fix four critical issues: environment merging, kubeVersion
+    detection, lookup() with kustomize, and Helm 4 color flags by
+    @aditmeno in #2276
+  * build(deps): bump go.uber.org/zap from 1.27.0 to 1.27.1 by
+    @dependabot[bot] in #2283
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/config from
+    1.31.20 to 1.32.0 by @dependabot[bot] in #2282
+  * build(deps): bump actions/checkout from 5 to 6 by
+    @dependabot[bot] in #2287
+  * build(deps): bump k8s.io/client-go from 0.34.1 to 0.34.2 by
+    @dependabot[bot] in #2285
+  * Fix four critical bugs: array merging (#2281), AWS SDK logging
+    (#2270), helmDefaults skip flags (#2269), and OCI chart versions
+    (#2247) by @aditmeno in #2288
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from
+    1.91.1 to 1.92.0 by @dependabot[bot] in #2286
+
+- Update to version 1.2.0:
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/config from
+    1.31.15 to 1.31.16 by @dependabot[bot] in #2242
+  * build(deps): bump github.com/hashicorp/go-getter from 1.8.2
+    to 1.8.3 by @dependabot[bot] in #2241
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from
+    1.89.0 to 1.89.1 by @dependabot[bot] in #2240
+  * build(deps): bump github.com/containerd/containerd from 1.7.28
+    to 1.7.29 by @dependabot[bot] in #2249
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from
+    1.89.1 to 1.90.0 by @dependabot[bot] in #2248
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/config from
+    1.31.16 to 1.31.17 by @dependabot[bot] in #2245
+  * build(deps): bump golang.org/x/sync from 0.17.0 to 0.18.0 by
+    @dependabot[bot] in #2251
+  * build(deps): bump golangci/golangci-lint-action from 8 to 9 by
+    @dependabot[bot] in #2250
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/config from
+    1.31.17 to 1.31.18 by @dependabot[bot] in #2253
+  * build(deps): bump golang.org/x/term from 0.36.0 to 0.37.0 by
+    @dependabot[bot] in #2256
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/config from
+    1.31.18 to 1.31.20 by @dependabot[bot] in #2259
+  * perf(app): Parallelize helmfile.d rendering and eliminate chdir
+    race conditions by @aditmeno in #2261
+  * build(deps): bump k8s.io/apimachinery from 0.34.1 to 0.34.2 by
+    @dependabot[bot] in #2264
+  * Issue-1883 fix by @zhaque44 in #2058
+  * feat: add Helm 4 support while maintaining Helm 3 compatibility
+    by @aditmeno in #2262
+  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from
+    1.90.0 to 1.90.2 by @dependabot[bot] in #2258
+</description>
+  <package>helmfile</package>
+</patchinfo>

patchinfo.20260122121240008027.93181000773252/_patchinfo

@@ -0,0 +1,72 @@
+<patchinfo incident="packagehub-93">
+  <issue tracker="cve" id="2025-58058"/>
+  <issue tracker="cve" id="2025-47911"/>
+  <issue tracker="cve" id="2025-58190"/>
+  <issue tracker="bnc" id="1251399">VUL-0: CVE-2025-47911: sbctl: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents</issue>
+  <issue tracker="bnc" id="1251609">VUL-0: CVE-2025-58190: sbctl: golang.org/x/net/html: excessive memory consumption by `html.ParseFragment` when processing specially crafted input</issue>
+  <issue tracker="bnc" id="1248949">VUL-0: CVE-2025-58058: sbctl: github.com/ulikunitz/xz: github.com/ulikunitz/xz leaks memory</issue>
+  <packager>jubalh</packager>
+  <rating>moderate</rating>
+  <category>security</category>
+  <summary>Security update for sbctl</summary>
+  <description>This update for sbctl fixes the following issues:
+
+Changes in sbctl:
+
+- Upgrade the embedded golang.org/x/net to 0.46.0
+  * Fixes: bsc#1251399, CVE-2025-47911: various algorithms with
+    quadratic complexity when parsing HTML documents
+  * Fixes: bsc#1251609, CVE-2025-58190: excessive memory consumption
+    by 'html.ParseFragment' when processing specially crafted input
+
+- Update to version 0.18:
+  * logging: fixup new go vet warning
+  * workflows: add cc for cross compile
+  * workflow: add sudo to apt
+  * workflow: add pcsclite to ci
+  * workflow: try enable cgo
+  * go.mod: update golang.org/x/ dependencies
+  * fix: avoid adding bogus Country attribute to subject DNs
+  * sbctl: only store file if we did actually sign the file
+  * installkernel: add post install hook for Debian's traditional installkernel
+  * CI: missing libpcsclite pkg
+  * workflows: add missing depends and new pattern keyword
+  * Add yubikey example for create keys to the README
+  * Initial yubikey backend keytype support
+  * verify: ensure we pass args in correct order
+
+- bsc#1248949 (CVE-2025-58058):
+  Bump xz to 0.5.14
+
+- Update to version 0.17:
+  * Ensure we don't wrongly compare input/output files when signing
+  * Added --json supprt to sbctl verify
+  * Ensure sbctl setup with no arguments returns a helpful output
+  * Import latest Microsoft keys for KEK and db databases
+  * Ensure we print the path of the file when encountering an invalid PE file
+  * Misc fixups in tests
+  * Misc typo fixes in prints
+
+- Update to version 0.16:
+  * Ensure sbctl reads --config even if /etc/sbctl/sbctl.conf is
+    present
+  * Fixed a bug where sbctl would abort if the TPM eventlog
+    contains the same byte multiple times
+  * Fixed a landlock bug where enroll-keys --export did not work
+  * Fixed a bug where an ESP mounted to multiple paths would not be
+    detected
+  * Exporting keys without efivars present work again
+  * sbctl sign will now use the saved output path if the signed
+    file is enrolled
+  * enroll-keys --append will now work without --force.
+- Updates from version 0.15.4:
+  * Fixed an issue where sign-all did not report a non-zero exit
+    code when something failed
+  * Fixed and issue where we couldn't write to a file with landlock
+  * Fixed an issue where --json would print the human readable
+    output and the json
+  * Fixes landlock for UKI/bundles by disabling the sandbox feature
+  * Some doc fixups that mentioned /usr/share/
+</description>
+  <package>sbctl</package>
+</patchinfo>

patchinfo.20260126195507763486.93181000773252/_patchinfo

@@ -1,12 +0,0 @@
-<patchinfo>
-  <packager>eroca</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for doomsday</summary>
-  <description>This update for doomsday fixes the following issues:
-
-Introduces doomsday.
-
-</description>
-  <package>doomsday</package>
-</patchinfo>

patchinfo.20260127091248188902.93181000773252/_patchinfo

@@ -0,0 +1,63 @@
+<patchinfo incident="packagehub-98">
+  <packager>os-autoinst-obs-workflow</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for openQA, os-autoinst, openQA-devel-container</summary>
+  <description>This update for openQA, os-autoinst, openQA-devel-container fixes the following issues:
+
+Changes in openQA:
+
+- Update to version 5.1769068942.639067ee:
+  * Dependency cron 2026-01-22
+  * feat: Show limits on "Next &amp; Previous" tab within table
+
+- Update to version 5.1768996386.e3f58202:
+  * fix: Avoid Perl warning if product spec contains undef values
+  * GenericBug: Add [QE] to the subject
+  * doc: Mention version lookup of mediums and special value `*`
+  * doc: Wrap section about medium types consistently at 80 characters
+  * doc: Remove surplus white-space
+  * chore: Improve indentation/wrapping of comment
+  * feat: Improve error message when product contains no templates
+  * tests: Improve/add tests for "no products found" case
+  * KernelBug: Extend the kernel bug template
+  * feat: Improve error message when falling back to version `*`
+
+- Update to version 5.1768856318.847e4fc7:
+  * fix(systemd): prevent openqa-gru starting while mounts are unavailable
+  * fix(systemd): try restarts on failure to be more resilient
+  * feat: Show when "Next &amp; Previous" jobs are limited
+  * refactor: Format SQL code for "Next &amp; Previous" jobs more nicely
+  * refactor: Simplify determining latest job in "Next &amp; Previous" list
+
+- Update to version 5.1768402729.462b3957:
+  * feat: optionally configure fake auth key+secret+expiration
+
+Changes in os-autoinst:
+
+- Update to version 5.1769153586.72cabd0:
+  * Replace remaining functions with subroutine signatures in 18-qemu.t
+  * Fix snapshot overlay mechanism to avoid duplication
+  * fix(dist): provide proper copyright headers in all spec-files
+  * fix(dist): try to fix os-autoinst-obs-auto-submit reverting content
+  * fix(dist): exclude unstable t/28-signalblocker.t in OBS checks
+  * Add documentation of APPEND variable
+  * Add undocumented KERNEL/INITRD to the supported variables
+  * os-autoinst-generate-needle-preview: Embed PNG
+
+Changes in openQA-devel-container:
+
+- Update to version 5.1769167363.fd9ad8d88:
+  * Update to latest openQA version
+</description>
+  <package>openQA</package>
+  <package>openQA:openQA-devel-test</package>
+  <package>openQA:openQA-test</package>
+  <package>openQA:openQA-worker-test</package>
+  <package>openQA:openQA-client-test</package>
+  <package>os-autoinst</package>
+  <package>os-autoinst:os-autoinst-test</package>
+  <package>os-autoinst:os-autoinst-devel-test</package>
+  <package>os-autoinst:os-autoinst-openvswitch-test</package>
+  <package>openQA-devel-container</package>
+</patchinfo>

patchinfo.20260127091626750054.93181000773252/_patchinfo

@@ -0,0 +1,13 @@
+<patchinfo incident="packagehub-95">
+  <packager>letsfindaway</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for OpenBoard</summary>
+  <description>This update for OpenBoard fixes the following issues:
+
+Changes in OpenBoard:
+
+- update to release version 1.7.4
+</description>
+  <package>OpenBoard</package>
+</patchinfo>

patchinfo.20260127134511833854.93181000773252/_patchinfo

@@ -0,0 +1,16 @@
+<patchinfo incident="packagehub-97">
+  <packager>os-autoinst-obs-workflow</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for os-autoinst-distri-opensuse-deps</summary>
+  <description>This update for os-autoinst-distri-opensuse-deps fixes the following issues:
+
+Changes in os-autoinst-distri-opensuse-deps:
+
+- Added dependency perl(Inline::Python)
+- Added dependency mkisofs
+- Added dependency jq
+- Added dependency gzip
+</description>
+  <package>os-autoinst-distri-opensuse-deps</package>
+</patchinfo>

patchinfo.20260127144808374981.93181000773252/_patchinfo

@@ -0,0 +1,126 @@
+<patchinfo incident="packagehub-99">
+  <packager>DocB</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for tryton, trytond, gnuhealth, trytond_account, gnuhealth-client, proteus, python-PyWebDAV3-GNUHealth, trytond_account_invoice, trytond_party, trytond_product, trytond_purchase, trytond_stock, trytond_stock_lot, trytond_stock_supply</summary>
+  <description>This update for tryton, trytond, gnuhealth, trytond_account, gnuhealth-client, proteus, python-PyWebDAV3-GNUHealth, trytond_account_invoice, trytond_party, trytond_product, trytond_purchase, trytond_stock, trytond_stock_lot, trytond_stock_supply fixes the following issues:
+
+Changes in tryton:
+
+- Version 7.0.31 - Bugfix Release
+
+- Version 7.0.29 - Bugfix Release
+
+Changes in trytond:
+
+- Version 7.0.44 - Bugfix Release
+
+- Version 7.0.43 - Bugfix Release
+
+- Version 7.0.42 - Bugfix Release
+
+- Version 7.0.40 - Bugfix Release
+
+- Version 7.0.38 - Bugfix Release
+
+- Version 7.0.37 - Bugfix Release
+
+- Version 7.0.36 - Security Release for issue #14220
+
+- Version 7.0.35 - Bugfix Release
+
+- Version 7.0.34 - Bugfix Release
+
+- Version 7.0.33 - Bugfix Release
+
+Changes in gnuhealth:
+
+- version 5.0.5
+  * optimizations to language files
+  * various fixes
+  * install_demo_database.sh added
+
+- version 5.0.2
+  * inconsistent naming of package and directories, switch to local copy
+  * gnuhealth.keyring removed due to local copy
+  * Remove unused dependencies from health module
+  * Wrong cursor field teeth (dentistry module)
+  * remove pillow dependency from lab and dentistry
+
+Changes in trytond_account:
+
+- Version 7.0.23 - Bugfix Release
+
+- Version 7.0.22 - Bugfix Release
+
+- Version 7.0.21 - Bugfix Release
+
+Changes in gnuhealth-client:
+
+- version 5.0.1
+  * Fix issue #11. default settings for federation.gnhealth.org not working
+  * allow Python 3.14
+
+Changes in proteus:
+
+- Version 7.0.3 - Bugfix Release
+
+- Version 7.0.2 - Bugfix Release
+
+Changes in python-PyWebDAV3-GNUHealth:
+
+- version 0.13.0
+  * no changelog provided
+  * source file renamed
+
+Changes in trytond_account_invoice:
+
+- Version 7.0.14 - Bugfix Release
+
+Changes in trytond_party:
+
+- Version 7.0.7 - Bugfix Release
+
+Changes in trytond_product:
+
+- Version 7.0.3 - Bugfix Release
+
+Changes in trytond_purchase:
+
+- Version 7.0.16 - Bugfix Release
+
+- Version 7.0.15 - Bugfix Release
+
+Changes in trytond_stock:
+
+- Version 7.0.16 - Bugfix Release
+
+- Version 7.0.15 - Bugfix Release
+
+- Version 7.0.14 - Bugfix Release
+
+Changes in trytond_stock_lot:
+
+- Version 7.0.5 - Bugfix Release
+
+- Version 7.0.4 - Bugfix Release
+
+Changes in trytond_stock_supply:
+
+- Version 7.0.5 - Bugfix Release
+</description>
+  <package>tryton</package>
+  <package>trytond</package>
+  <package>gnuhealth</package>
+  <package>trytond_account</package>
+  <package>gnuhealth-client</package>
+  <package>proteus</package>
+  <package>python-PyWebDAV3-GNUHealth</package>
+  <package>trytond_account_invoice</package>
+  <package>trytond_party</package>
+  <package>trytond_product</package>
+  <package>trytond_purchase</package>
+  <package>trytond_stock</package>
+  <package>trytond_stock_lot</package>
+  <package>trytond_stock_supply</package>
+</patchinfo>

patchinfo.20260129102824525983.93181000773252/_patchinfo

@@ -0,0 +1,407 @@
+<patchinfo>
+  <packager>tinita</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for perl-Perl-Tidy</summary>
+  <description>This update for perl-Perl-Tidy fixes the following issues:
+
+Changes in perl-Perl-Tidy:
+
+- updated to 20260109.0.0 (20260109)
+   see /usr/share/doc/packages/perl-Perl-Tidy/CHANGES.md
+
+  ## 2026 01 09
+      - A new parameter --break-at-old-trailing-loops, or -botl, keeps
+        existing line breaks at these trailing loop control keywords:
+           'for', 'foreach', 'while', 'until'.
+        This is the default. For example, given the following two input lines:
+          FindExt::scan_ext("../$_")
+            foreach qw(cpan dist ext);
+        The new default keeps two lines. The previous version flattened the
+        statement, since it fits on a single line:
+          FindExt::scan_ext("../$_") foreach qw(cpan dist ext);
+        Use -nbotl to deactivate this new option.
+      - A related new parameter --break-at-old-trailing-conditionals, or -botc
+        keeps existing line breaks at trailing conditional control keywords:
+            'if', 'unless'.
+        This is the default.  The capability was previously handled by
+        parameter --break-at-old-logical-breakpoints, or -bol, which was also
+        true by default, but which also also controls logical breakpoints,
+        such as '&amp;&amp;'. This change simplifies the input.
+        Use -nbotc to deactivate this option.
+      - A new switch --blanks-before-opening-comments, -bboc, has been added
+        for issue git #192.  This is on by default and allows perltidy to insert
+        a blank line before full-line comments which start at a new indentation
+        level.  Use the negated form to prevent such blank lines, -nbboc
+        or --noblanks-before-opening-comments
+      - A new parameter --dump-keyword-usage, or -dku, can be used to dump a
+        list of the the perl builtin keywords used in a file. A companion flag
+        --dump-keyword-usage-list=s can be used to give a specific list of
+        keywords or user functions to be included in the list.
+      - When the -html option is used with the default --pod2html setting,
+        perltidy will look for a pod-to-html formatter in this order:
+        Pod::Simple::XHTML, Pod::Simple::HTML, and Pod::Html.  A preferred
+        formatter can be selected with --use-pod-formatter=s. Previously
+        the only option was Pod::Html, and it can still be selected with
+        --use-pod-formatter="Pod::Html". The reason for this update is
+        that this older formatter has limitations, and requires the
+        creation of a temporary file for data transfer. This update also
+        allows formatting of pod text containing non-ascii characters.
+      - When perltidy is run with the -html option, and pod is rendered to html
+        with Pod::Html, the pod2html option 'backlink' could not be set in
+        in previous versions due to a programming error. This has been fixed.
+        This setting can now be made by giving perltidy the flag '--podbacklink'.
+      - The default for --timeout-in-seconds is reduced from 10 to 5 seconds.
+        A default value of 10 seemed excessive. It can be changed with -tos=n.
+      - The option --delete-weld-interfering-commas, or -dwic, has been
+        made much more accurate. It now makes fewer unnecessary comma deletions.
+      - This version does more extensive checking of all string input parameters
+        and will exit early on an error.  The intention is to catch input errors
+        as early as possible.
+      - Fixed issue with --dump-mixed-call-parens. A trailing statement modifier
+        such as the following 'if' was incorrectly being counted as having parens:
+          return $class if ($old_quote - $new_quote) == 0;
+
+- updated to 20250912.0.0 (20250912)
+   see /usr/share/doc/packages/perl-Perl-Tidy/CHANGES.md
+
+  ## 2025 09 12
+      - Fix git #191, where a new check to escape whitespace in a qw() quote
+        in perl-5.43.2 caused Perl::Tidy to emit unwanted warning messages.
+      - A new output field for the --dump-block-summary command gives
+        the number of lines of comments and pod in a block.  For subs and
+        anonymous subs, the existence of header comments is also indicated.
+      - Added --dump-nested-ternaries, --warn-nested-ternaries, and
+        --nested-ternary-maximum-depth=n. These can be used to locate
+        nested ternary statements in a script.
+      - For the --line-up-parentheses option, a line length tolerance was
+        adjusted by 1 character to help keep table formatting unchanged when
+        adding and deleting trailing commas.  This can occasionally change
+        formatting of some small lists when formatted with -lp.
+      - In hash key lists which have side comments after sub blocks,
+        long lines which were previously broken before a comma may now
+        be broken after a previous '=&gt;'. This change was made to
+        fix a very rare stability problem. For example:
+        OLD:
+          '+' =&gt; sub { $turtle-&gt;turn( $changes-&gt;{"dtheta"} ); }
+          ,               # Turn clockwise
+        NEW:
+          '+' =&gt;
+              sub { $turtle-&gt;turn( $changes-&gt;{"dtheta"} ); },    # Turn clockwise
+      - Fixed undefined variable reference when --dump-block-summary was
+        run with --dump-block-types='package'. The dump was okay, but
+        an error message like the following was emitted:
+        Use of uninitialized value $seqno in hash element ...
+      - The parameter --integer-range-check no longer accepts a 0 value, which
+        allowed integer range checks to be skipped.  This option was included
+        temporarily when new range-checking code was added to provide a
+        workaround in case problems arose with the new logic.  No problems have
+        been encountered, so this has been removed.
+
+- updated to 20250711.0.0 (20250711)
+   see /usr/share/doc/packages/perl-Perl-Tidy/CHANGES.md
+
+  ## 2025 07 11
+      - Update for issue git #187: add vertical alignment of colons
+        used as attribute separators. These colons have token type 'A',
+        and this vertical alignment will be on by default (since all
+        vertical alignments occur by default).  For example:
+          # old default
+          field $tile_size : param;
+          field $bar : reader : writer;
+          # new default with alignment of token type 'A'
+          field $tile_size  : param;
+          field $bar        : reader : writer;
+        This alignment can be turned off to recover the previous formatting
+        with --valign-exclusion-list='A', or -vxl='A'.
+      - Update for issue git #186: if a closing format skipping comment
+        '#&gt;&gt;&gt;' is encountered before any '#&lt;&lt;&lt;' is seen, then format
+        skipping is assumed to start with the first line of the file.
+        Use --nodetect-format-skipping-from-start or -ndfsfs to prevent
+        this check.
+      - Added option --code-skipping-from-start, or -csfs. This causes
+        code-skipping to begin from the start of a file even though there
+        is no starting marker comment, '#&lt;&lt;V'.
+      - Fixed a bug involving the --format-skipping option. If a line in
+        the skipped code had trailing blanks, then the newline at the end
+        of that line was lost.
+      - Added a check to insure that format skipping begin and end markers
+        strictly alternate along the lines of a file. If these markers
+        do not alternate, a warning occurs and formatting is skipped.
+        This is intended to help catch errors.
+      - For lists which contain here docs and which are formatted with
+        the --line-up-parentheses option, the formatting may in some
+        cases change to more closely follow the -lp style.
+
+- updated to 20250616.0.0 (20250616)
+   see /usr/share/doc/packages/perl-Perl-Tidy/CHANGES.md
+
+  ## 2025 06 16
+      - Added support for the assigning logical xor ^^= operator
+      - For input parameters which allow a paren type to be selected, the
+        selection 'f' (function call) now includes functions called with
+        a direct arrow before the paren, '-&gt;('. This was an oversight which
+        has been corrected.
+      - A new parameter --break-at-old-comma-types=s, or -boct=s, allows the
+        parameter --break-at-old-comma-breakpoints (-boc) to be limited to
+        selected container types.  For example, -boc -boct='f(' means break
+        at old commas but only if they are function call lists.
+      - A new parameter --cuddled-paren-brace-weld, or -cpbw, has been added to
+        handle issue git #184. This modifies --cuddled-paren-brace by
+        preventing a paren and following brace from getting separated in
+        certain situations. The difference is illustrated here:
+          # perltidy -cpb alone has no effect for this short snippet:
+          if (   $Kouter_opening == $Kfirst
+              &amp;&amp; $has_tight_paren{$type_prev} )
+          {
+              $Kref = $Kprev;
+          }
+          # perltidy -cpb -cpbw keeps the closing paren next to the opening brace:
+          if (
+                 $Kouter_opening == $Kfirst
+              &amp;&amp; $has_tight_paren{$type_prev}
+          ) {
+              $Kref = $Kprev;
+          }
+      - The parameter --maximum-fields-per-table, or -mft, now accepts a string
+        input which can limit its application to certain containers. For
+        example, -mft='f(1' means that function call lists should be formatted
+        with just 1 item per line. It has no effect on other tables. The
+        manual has further information.
+      - Add option --break-open-compact-parens=s, discussed in git #78.
+        This changes the default formatting for lists which would normally
+        be displayed compactly on two lines. It causes them to be formatted
+        in the same way as long lists, with line breaks at the opening and
+        closing parentheses.
+      - Add option --skip-formatting-except-id=NAME, or -sfei=NAME, discussed
+        in git #183.  This allows formatting to apply only to lines tagged
+        with #&lt;&lt;&lt; id=NAME, where NAME is a user-defined tag. The special
+        variation -sfei='-' can be used to run perltidy with full checking
+        but without any formatting changes.
+      - A relatively rare problem with the formatting combination -xci and -lp or
+        -xlp has been fixed.  Some lines had more leading spaces that intended.
+      - New option -m added to --dump-mismatched-returns and
+        --warn-mismatched-returns. This checks for multiple array
+        return sizes. A warning occurs when a sub has multiple returns
+        of finite lists with different counts greater than 1, and
+        not all of them are matched with calls.
+      - Improved support for Object::Pad, see git #182.
+      - A limitation on the treatment  of lexical subs has been fixed. Previously,
+        a lexical sub with the same name as a quote operator would produce a warning,
+        and might cause a tokenization error.
+      - Here targets in quotes are now located and handled correctly.
+
+- updated to 20250311.0.0 (20250311)
+   see /usr/share/doc/packages/perl-Perl-Tidy/CHANGES.md
+
+  ## 2025 03 11
+      - The options --want-call-parens and --nowant-call-parens were accidentally
+        being skipped in version 20250214. This has been fixed.
+      - Fixed git #32, a tokenization error with message "hit EOF seeking end of
+        quote/pattern" for a function call without paren or arg before a
+        ternary operator.
+      - A new option --dump-similar-keys will dump hash keys which are
+        similar but slightly different to standard output and then exit.
+        A related option --warn-similar-keys will report keys with are similar
+        to the error output while formatting. Both of these can be controlled
+        by parameters which are described in the input manual.
+      - A new option --dump-hash-keys will dump all hash keys found by
+        perltidy to standard output.
+      - The output table for --dump-block-summary has an additional field.
+        It is an alternate McCabe complexity count which is the same as
+        the previous count except for subs. For subs, the complexity number
+        is reduced by the values for any contained anonymous subs.
+      - Fix git #181, remove continuation indentation from closing brace
+        of an anonymous sub which terminates an input stream.
+
+- updated to 20250214.0.0 (20250214)
+   see /usr/share/doc/packages/perl-Perl-Tidy/CHANGES.md
+
+  ## 2025 02 14
+      - A new option --keep-old-blank-lines-exceptions=s, or --kblx=s,
+        allows selected blank lines to be ignored when an input stream
+        is read. The parameter s is used to select the blank lines to
+        be ignored. This option provides an inverse to other blank line
+        parameters. The manual has details. See discussion git #180.
+      - A new option --warn-unused-keys, or -wuk, has been added which will
+        produce warnings for unused hash keys during formatting. This is similar
+        to --dump-unused-keys, which just exits and does not continue formatting.
+        A related new parameter --warn-unused-keys-cutoff=N provides control
+        over a filter which prevents warnings for keys which appear to be
+        members of large hashes used to communicate with external packages.
+        The manual has details.  See git #177.
+      - A new option --pack-opening-types='-&gt;' has been added to provide more
+        control over breaks of method call chains.  It tells perltidy not to
+        break at every method call when a chain of calls spans multiple lines.
+        This was the behavior in versions prior to 20250105. The default
+        starting with 20250105 is to break at each call of a method call chain
+        which spans multiple lines. See git #171.
+
+- updated to 20250105.0.0 (20250105)
+   see /usr/share/doc/packages/perl-Perl-Tidy/CHANGES.md
+
+  ## 2025 01 05
+      - If a file consists only of comments, then the starting indentation will
+        be guessed from the indentation of the first comment. Previously it would
+        be guessed to be zero. Parameter --starting-indentation-level=n can be
+        used to specify an indentation and avoid a guess. This issue can
+        arise when formatting a block of comments from within an editor.
+      - Added missing 'use File::Temp' for -html option. This was causing the
+        message: "Undefined subroutine &amp;File::Temp::tempfile called at ..."
+        See git #176.
+      - A new parameter --dump-unique-keys, or -duk, dumps a list of hash keys
+        which appear to be used just once, and do not appear among the quoted
+        strings in a file. For example:
+           perltidy -duk File.pm &gt;output.txt
+        This can help locate misspelled hash keys.
+      - Line breaks at long chains of method calls now break at all calls
+        with args in parens, as in this example from git #171
+          # Old default
+          sub bla_p( $value = 42 ) {
+              return Mojo::Promise-&gt;resolve($value)-&gt;then( sub { shift() / 2 } )
+                -&gt;then( sub { shift() + 6 } )-&gt;then( sub { shift() / 2 } )
+                -&gt;catch( sub { warn shift } );
+          }
+          # New default
+          sub bla_p( $value = 42 ) {
+              return Mojo::Promise-&gt;resolve($value)
+                -&gt;then( sub { shift() / 2 } )
+                -&gt;then( sub { shift() + 6 } )
+                -&gt;then( sub { shift() / 2 } )
+                -&gt;catch( sub { warn shift } );
+          }
+      - Parameter --break-at-old-method-breakpoints, or -bom, has been
+      updated to insure that it only applies to lines beginning with
+      method calls, as intended.  Line breaks for all lines beginning with
+      '-&gt;', even non-method calls, can be retained by using
+      --keep-old-breakpoints_before='-&gt;'.
+      - Added parameter --multiple-token-tightness=s, or -mutt=s.
+      The default value --paren-tightness=1 adds space within the parens
+      if, and only if, the container holds multiple tokens.  Some perltidy
+      tokens may be rather long, and it can be preferable to also space some of
+      them as if they were multiple tokens.  This can be done with this parameter,
+      and it applies to parens as well as square brackets and curly braces.
+      For example, the default below has no space within the square brackets:
+          # perltidy
+          my $rlist = [qw( alpha beta gamma )];
+      Spaces can be obtained with:
+          # perltidy -mutt='q*'
+          my $rlist = [ qw( alpha beta gamma ) ];
+      The parameter -mutt='q*' means treat qw and similar quote operators as
+      multiple tokens.  The manual has details; git #120 has another example.
+      - Added parameter --indent-leading-semicolon, -ils; see git #171. When
+      this is negated, a line with a leading semicolon does not get the extra
+      leading continuation indentation spaces (defined with -ci=n).
+      - Space around here doc delimiters follow spacing controls better. For
+      example, a space is now added before the closing paren here:
+         OLD: (without the here doc):
+         push( @script, &lt;&lt;'EOT');
+         NEW:
+         push( @script, &lt;&lt;'EOT' );
+      Also, any spaces between the '&lt;&lt;' and here target are removed (git #174):
+         OLD:
+         push( @script, &lt;&lt;  'EOT');
+         NEW:
+         push( @script, &lt;&lt;'EOT' );
+      - Added parameter --break-at-trailing-comma-types=s, or -btct=s, where
+      s is a string which selects trailing commas.  For example, -btct='f(b'
+      places a line break after all bare trailing commas in function calls.
+      The manual has details.
+      - Fix git #165, strings beginning with v before =&gt; gave an incorrect error
+      message.
+      - The parameter --add-lone-trailing-commas, -altc, is now on by default.
+      This will simplify input for trailing comma operations. Use
+      --noadd-lone-trailing-commas, or -naltc to turn it off.
+      - More edge cases for adding and deleting trailing commas are now handled
+      (git #156).
+      - A problem has been fixed in which the addition or deletion of trailing
+      commas with the -atc or -dtc flags did not occur due to early convergence
+      when the -conv flag was set (git #143).
+      - Added parameter --qw-as-function, or -qwaf, discussed in git #164.
+      When this parameter is set, a qw list which begins with 'qw(' is
+      formatted as if it were a function call with call args being a list
+      of comma-separated quoted items. For example, given this input:
+      @fields = qw( $st_dev	   $st_ino    $st_mode $st_nlink   $st_uid
+        $st_gid $st_rdev    $st_size $st_atime   $st_mtime  $st_ctime
+        $st_blksize $st_blocks);
+      # perltidy -qwaf
+      @fields = qw(
+          $st_dev   $st_ino   $st_mode  $st_nlink
+          $st_uid   $st_gid   $st_rdev  $st_size
+          $st_atime $st_mtime $st_ctime $st_blksize
+          $st_blocks
+      );
+
+- updated to 20240903.0.0 (20240903)
+   see /usr/share/doc/packages/perl-Perl-Tidy/CHANGES.md
+
+  ## 2024 09 03
+      - Add partial support for Syntax::Operator::In and Syntax::Keyword::Match
+        (see git #162).
+      - Add --timeout-in-seconds=n, or -tos=n.  When the standard input supplies
+        the input stream, and the input has not been received within n seconds,
+        perltidy will end with a timeout message.  The intention is to catch
+        a situation where perltidy is accidentally invoked without a file to
+        process and therefore waits for input from the system standard input
+        (stdin), which never arrives.  The default is n=10.
+        This check can be turned off with -tos=0.
+      - Add parameter --closing-side-comment-exclusion-list=string, or
+        -cscxl=string, where string is a list of block types to exclude
+        for closing side comment operations.  Also, closing side comments
+        now work for anonymous subs if a --closing-side-comment-list (-cscl)
+        is not specified, and when 'asub' is requested with -cscl=asub.
+        Use -cscxl=asub to prevent this.
+      - Include check for unused constants in --dump-unusual-variables and
+        --warn-variable-types (new issue type 'c'). Also expand checks to
+        cover variables introduced with 'use vars'.
+      - Include signature variables in --dump-unusual-variables and
+        --warn-variable-types; see git #158.
+      - Add logical xor operator ^^ available in perl version 5.40, as
+        noted in git #157.
+      - Keyword 'state' now has default space before a paren, like 'my'.
+        Previously there was no space and no control.  So the default
+        is now "state ($x)". This space can be removed with -nsak='state'.
+      - Add options --add-lone-trailing-commas, -altc and
+        --delete-lone-trailing-commas, -dltc, to provide control over adding
+        and deleting the only comma in a list.  See discussion in git #143
+        and the updated manual.
+      - Add options --dump-mismatched-returns (or -dmr) and
+        --warn-mismatched-returns (or -wmr).  These options report function
+        calls where the number of values requested may disagree with sub
+        return statements.  The -dump version writes the results for a single
+        file to standard output and exits:
+           perltidy -dmr somefile.pl &gt;results.txt
+        The -warn version formats as normal but reports any issues as warnings in
+        the error file:
+           perltidy -wmr somefile.pl
+        The -warn version may be customized with the following additional
+        parameters if necessary to avoid needless warnings:
+        --warn-mismatched-return-types=s (or -wmrt=s),
+        --warn-mismatched-return-exclusion-list=s (or -wmrxl=s)
+        where 's' is a control string. These are explained in the manual.
+      - Updates for issue git #151:
+        (1) --warn-variable-types=u is now okay if a named file is processed.
+        (2) --warn-variable-exclusion-list=s now allows leading and/or
+        trailing * on variable names to allow a wildcard match. For example
+        -wvxl='*_unused' is okay and would match $var1_unused and $var2_unused.
+        (3) --dump-unusual-variables now outputs the filename.
+      - A option was added to filter unimplemented parameters from perltidy
+        configuration files, suggested in git #146.  It works like this: if
+        a line in the config file begins with three dashes followed by a
+        parameter name (rather than two dashes), then the line will be removed
+        if the parameter is unknown. Otherwise, a dash will be removed to make
+        the line valid.
+      - Parameters --dump-mismatched-args (or -dma) and
+        --warn-mismatched-args (or -wma) have been updated to catch more
+        arg count issues.
+      - Fixed issue git #143, extend -add-trailing-commas to apply to a list
+        with just a fat comma.
+      - The minimum perl version is 5.8.1. Previously it was 5.8.0, which was
+        not correct because of the use of utf8::is_utf8.
+      - Fixed issue git #142, test failure installing on perl versions before
+        version 5.10.  The error caused the new parameter
+        -interbracket-arrow-style=s not to work. Except for this limitation,
+        Version 20240511 will work on older perl versions.
+</description>
+  <package>perl-Perl-Tidy</package>
+</patchinfo>