Prompted by a question asked in #curl on libera. This behavior seems to have been present since the very beginning of curl and is explained in a code comment, so I'm assuming it's deliberat...
The curl project has been accepted as a CVE Numbering Authority (CNA) for vulnerabilities in all products directly made or managed by the project. If I'm counting correctly, we are the 351st CNA.
In May 2024 we finally decided that maybe the time has come for curl to drop support of older TLS libraries. Libraries that because they don't support the modern TLS version (1.3) for many users are maybe not suitable to build upon for the future.
The feature window is closed. The pending 8.12.0 release is scheduled to happen on February 5. If things go well, we open the feature window again on February 15. The curl release cycle is explaine...
The pending cookie RFC update (currently known as 6265bis draft-19) says
Let cookie-age-limit be the maximum age of the cookie (which name of
Max-Age and an attribute-value of expiry-time. SHOULD ...
The slides = https://www.slideshare.net/DanielStenberg7/mastering-the-curl-command-linepdf0:00 Mastering the curl command line0:16 Daniel Stenberg0:36 curl s...
Seventeen years ago Coverity started offering #curl to use their static code analyzer to find defects. One of the better static analyzers we still use today.
On scan.coverity.com, the nice guys at Coverity run scans on open source projects to check for flaws in their source code. Their list currently includes 265 projects, and curl is one of them.
This discussion:
openssl/openssl#23339 (comment)
Specifically item number 2 (Send Blocking) was raised by the curl team, noting that SSL_want_write returning false was not a good indicator of when ...
The msh3 backed for QUIC and HTTP/3 was introduced in April 2022 but has never been made to work properly. It has seen no visible traction or developer activity from the msh3 main author (or anyone...
If you have more or better screenshots, please share! This shot is taken from the ending sequence of the PC version of the game Grand Theft Auto V. 44 minutes in! See the youtube version. Sky HD is a satellite TV box. This is a Philips TV.
Problem with that is (besides occasional bugfixes), most people including myself would see #curl to be functionally complete and anything "nice to have" would be considered not worth the balooning in #complexity and #size.
I mean, does curlneed to be able to do #BitTorrent (magnet:), #IPFS (ipfs://) or god forbid #blockchain (i.e. #EVM) support?
Do you really want to integrate @torproject / #Tor support natively into curl when using #HTTP (localhost:8118) and #SOCKS5 (localhost:9050) #proxy allows for the same and doesn't necessitate having to handle and ingest Tor arguments as well??
Maybe someone who wants to have said functionality like tor support built-in will go and IDK make i.e. #[url=https://infosec.space/tags/neocurl]neocurl[/url] or sth. along those lines or build something like #[url=https://infosec.space/tags/ethcurl]ethcurl[/url] or #[url=https://infosec.space/tags/tor]tor[/url]curlor #[url=https://infosec.space/tags/ipfs]ipfs[/url]curl or whatever...
That being said I am glad curl isn't solely maintained by you but has other contributors (give them a shoutout!) but I also am glad you maintain that vital software that most "#TechIlliterate #Normies" most likely never heard of but propably use on a daily basis as part of all the #tech they use to #consume media with...
I consider curl to be "the #vim of downloaders" (tho that's kinda insulting and limiting since curl is more than just a downloader and more intuitive than vim) with wget being "the #vi of downloaders" (tho wget is even simpler to use than vi)...
I have certain paths, which are too long to type, so I need to wrap all those in one script as alias and source that script to my existing package code.
These should set alias permanently over that
Issue Addressed:
The documentation of curl_multi_waitfds indicates that users should be able to call curl_multi_waitfds with a NULL ufds. However, before this change, the function would return CUR...
Greetings! This discussion thread is for the purpose to coordinate efforts to attempt to restore Metalink support. See #7176 metalink-dev/libmetalink#5
Eight years ago on this date, I had to publicly share this #curl security advisory as perhaps one of my lamest mistakes ever: curl.se/docs/CVE-2016-9594.htm…
So what did happen in the curl project during 2012? First some basic stats We shipped 6 releases with 199 identified bug fixes and some 40 other changes.
I'm a little amused that there are so may people trying to find faults or poke "a hole" in this graph. You're taking this too seriously. It's not the end of the world if some commits are assigned the wrong time zone.
The fact is that many top contributors to #curl, myself included, are based in Europe. That's the simple explanation for why the graph looks like this.
