Those 2 symbols were available since the first 7.1.1 releaseGitHub
Tried to clean up and extend the documentation on the WebSocket-API a little. There are some other information missing from the docs in my opinion, but since they are not relevant for my use case I...GitHub
I did this Curl fails at make check with Perl 5.41.7 due to: make[2]: Leaving directory '/jenkins/workspace/Port-Build/curl/curl-8.11.1/tests' srcdir=. /jenkins/zopen/usr/local/zopen/perl/perl5-hea...GitHub
🏆 A huge congratulations to @bagder , founder of cURL , for receiving the first European Open Source Achievement Award! 🎉
The award was presented by Omar Mohsine, Open Source Coordinator at the UN, a key advocate for using open technologies !
👏 Daniel will take place in the EOSAcademy as its President! #EOSA2025 #FOSS #cURL
Busy days now. On this Saturday on #FOSDEM I will speak about #curl security work in "tightening every bolt":
fosdem.org/2025/schedule/event…
A 1337 #curl author
daniel.haxx.se/blog/2025/01/29…
For quite some time now, I celebrate and welcome every new commit author in the curl project in the public.daniel.haxx.se
Welcome Michael Schuster as #curl commit author... 1337
github.com/curl/curl/pull/1604…
Yes, number 1337 finally happened.
Problems Build fails when support for session tickets is disabled (thus HAS_SESSION_TICKETS undefined in lib/vtls/mbedtls.c). Runtime error for all TLS connections when built with MBEDTLS_USE_PSA_...GitHub
we're getting into similar territory with a CVE we publish for #curl next week. We've debated it to death internally... 😀
Stay tuned!
RFC 6455 Section 5.2 notes that for bits RSV1, RSV2, and RSV3 of the framing header, a non-zero value that is not defined by a negotiated extension MUST Fail the WebSocket connection. Related to #1...GitHub
asyn-thread was forgetting to copy the actual HTTPS info into the result and asyn-ares had a minor memory leak that only existed in another OOM path.GitHub
make #curl --url support a file with URLs?
curl.se/mail/archive-2025-01/0…
With my new PR, you can write "curl --url @file" and curl will download all the URLs in the provided file as if -O was used for each one of them. It can also get the list from stdin if you do "--url @-" in style with how other curl options work.
This is the first in a new series of monthly emails about what YOU can do to help out in the #curl project:
We have just confirmed that #curl up 2025 will take place in Prague over the weekend May 3-4.
Mark it in your calendars. Plan for it. We have started to add details to the wiki page of this year's event:
Top #curl sponsors as of now. Friends!
(yeps, it is the exact same list of names I have showed for quite some time...)
Twenty-six years ago on this day when we shipped #curl 5.5.1, the changelog was easier to gather than what they usually are today: curl.se/ch/5.5.1.html
Two bugfixes listed.
To play HTTPS RR in #curl's bleeding edge: github.com/curl/curl/blob/mast…
Expect rough edges.
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP...GitHub
Do you think this is fair?
"Problems that only trigger using legacy dependencies are not considered security problems."
github.com/curl/curl/pull/1608…
#curl
Uhmmmm... so, make yourself a CVE authority on your stuff [effectively blocking anyone else from publishing anything on your stuff), and do nothing else (i.e. no CVE published).
Of course, it's a bit late for #curl, but you know, other projects?
(and yes, it's naughty. I'm in a naughty mood, yeah?)
CVSS is dead to us
daniel.haxx.se/blog/2025/01/23…
#curl
CVSS is short for Common Vulnerability Scoring System and is according to Wikipedia a technical standard for assessing the severity of vulnerabilities in computing systems.daniel.haxx.se
It is only a year since we switched all #curl man pages to markdown but wow, what an improvement and "life enhancer"!
daniel.haxx.se/blog/2024/01/23…
I trust you have figured out already that I have the highest ambitions for the curl documentation. I want everything documented in a clear, easy-to-read and easy-to-find manner.daniel.haxx.se
Want to help us improve the #curl shell completion script(s)?
github.com/curl/curl/issues/16…
I did this I tried to reproduce the Arch Linux curl package by repeating the build in the documented build environment and noticed the zsh completions do not match: https://web.archive.org/web/2025...GitHub
curl features an alternative progress bar. When you invoke it with -# or the longer version --progress-bar, curl will show the transfer progress using a single "bar" on the screen instead of the default meter that shows a lot of data like amount of d…daniel.haxx.se
Problem When using automatic zstd decoding from libcurl, libcurl's custom allocators are not passed through to libzstd. Solution To configure libzstd's custom allocators, we must pass them ...GitHub
#curl from start to end (with an extensive Q&A in the end)
youtu.be/WmMa1GVPWZ0?si=SDAkbq…
First type the curl command into your shell and press enter. What exactly happens then? Daniel takes you through a step-by-step from the command line tool, i...YouTube
I'll do my #curl from start to end presentation live-streamed tomorrow:
daniel.haxx.se/blog/2025/01/16…
On Tuesday January 21st 2025, at 16:00 CET (15:00 UTC) I will do a presentation titled as per above. I have not done this one before.daniel.haxx.se
Prompted by a question asked in #curl on libera. This behavior seems to have been present since the very beginning of curl and is explained in a code comment, so I'm assuming it's deliberat...GitHub
As some people expressed interest, I used this wretched day for a blog about curl's tracing.
#curl
github.com/icing/blog/blob/mai…
Contribute to icing/blog development by creating an account on GitHub.GitHub
At this year's #FOSDEM my team at #wolfSSL got no booth space so my large volume #curl sticker distribution (LVCSD) has to be done using other means.
The LVCSD will most likely happen in the cafeteria area, but feel free to ping me if you can't get your fix as planned.
I will bring thousands of curl stickers and hundreds of coasters. There will be a few mugs and maybe some tshirts.
Buying myself friends, like a boss.
I've decided to do a little live-streamed #curl presentation on twitch next week (Jan 21):
"curl from start to end". For free of course, no signup. Just show up.
daniel.haxx.se/blog/2025/01/16…
On Tuesday January 21st 2025, at 16:00 CET (15:00 UTC) I will do a presentation titled as per above. I have not done this one before.daniel.haxx.se
The curl project has been accepted as a CVE Numbering Authority (CNA) for vulnerabilities in all products directly made or managed by the project. If I'm counting correctly, we are the 351st CNA.daniel.haxx.se
Secure Transport support in #curl is on its way out
daniel.haxx.se/blog/2025/01/14…
In May 2024 we finally decided that maybe the time has come for curl to drop support of older TLS libraries. Libraries that because they don't support the modern TLS version (1.3) for many users are maybe not suitable to build upon for the future.daniel.haxx.se
It is already *seven* years ago since Microsoft first announced they would start distributing #curl as part of Windows:
daniel.haxx.se/blog/2018/01/13…
On December 19 2017, Microsoft announced that since insider build 17063 of Windows 10, curl is now a default component.daniel.haxx.se
23 days to next #curl release:
github.com/curl/curl/discussio…
The feature window is closed. The pending 8.12.0 release is scheduled to happen on February 5. If things go well, we open the feature window again on February 15. The curl release cycle is explaine...GitHub
