mastodon.ie

Stefan EissingWe have 6 open issues now in curl, 3 of them are handled but waiting for the feature window to open again.Optimistic that the release next week will fix this! <a href="https://chaos.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a>

daniel:// stenberg://More views on <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> vulnerabilities<a href="https://daniel.haxx.se/blog/2025/07/10/more-views-on-curl-vulnerabilities/" rel="nofollow noopener" translate="no" target="_blank">https://daniel.haxx.se/blog/2025/07/10/more-views-on-curl-vulnerabilities/</a>

Stefan EissingStarted a curl discussion about adding an API call to retrieve information from a curl multi handle.If you develop a libcurl application and you need information from a multi, please make your case. <a href="https://chaos.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> <a href="https://github.com/curl/curl/discussions/17870" rel="nofollow noopener" translate="no" target="_blank">https://github.com/curl/curl/discussions/17870</a>

daniel:// stenberg://Welcome Karthik Dasari as <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> commit author 1390: <a href="https://github.com/curl/curl/pull/17864" rel="nofollow noopener" translate="no" target="_blank">https://github.com/curl/curl/pull/17864</a>

daniel:// stenberg://single-digit number of open <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> issues...

JP Mens<a href="https://mastodon.social/@bagder" class="u-url mention" rel="nofollow noopener" target="_blank">@bagder</a> reminds me that when I query an appropriately configured <a href="https://fosstodon.org/@iscdotorg" class="u-url mention" rel="nofollow noopener" target="_blank">@iscdotorg</a> BIND9 name server it divulges an (unmaintained) list of authors.Does <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> have a secret option to do likewise? ;-)

daniel:// stenberg://Welcome Eshan Kelkar as <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> commit author 1389: <a href="https://github.com/curl/curl/pull/17856" rel="nofollow noopener" translate="no" target="_blank">https://github.com/curl/curl/pull/17856</a>

daniel:// stenberg://<a href="https://social.kernel.org/users/corbet" class="u-url mention" rel="nofollow noopener" target="_blank">@corbet</a> we keep ftp support in <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> for readline 😁

daniel:// stenberg://Keeping tabs on <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a>'s memory use<a href="https://daniel.haxx.se/blog/2025/07/08/keeping-tabs-on-curls-memory-use/" rel="nofollow noopener" translate="no" target="_blank">https://daniel.haxx.se/blog/2025/07/08/keeping-tabs-on-curls-memory-use/</a>

Timo J<a href="https://mastodon.social/@bagder" class="u-url mention" rel="nofollow noopener" target="_blank">@bagder</a> “<a href="https://mastodon.online/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> up AI: Quit It”

daniel:// stenberg://Abstract:In these days of "vibe coding" and chatbots, users ask AIs for help with everything. Asked to find security problems in Open Source projects, AI bots tell users something that sounds right. Reporting these "findings" wastes everyone's time and causes much frustration and fatigue. Daniel shows how this looks, how it DDoS projects and how totally beyond crazy stupid this is. With examples and insights from the <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> project.----Good enough maybe?

daniel:// stenberg://I'm doing a keynote next month at an Open Source conference about AI (abuse) in <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a>'s security program etc. I could use your help:1. Give me a clever title 2. What details would you like such a talk to contain?

daniel:// stenberg://I think this is slightly better. Shows better how many really old <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> vulnerabilities we have had reported. Age of the flaw in number of the years on the y-axis, proper date of the report on the x-axis.

Krishean Draconispython's built-in urllib module still doesn't support http2 (nor http3) in the year of 2025, luckily <a href="https://github.com/pycurl/pycurl" rel="nofollow noopener" target="_blank">pycurl</a> exists and supports modern standards <a href="https://tech.lgbt/tags/python" class="mention hashtag" rel="nofollow noopener" target="_blank">#python</a> <a href="https://tech.lgbt/tags/pycurl" class="mention hashtag" rel="nofollow noopener" target="_blank">#pycurl</a> <a href="https://tech.lgbt/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a>

daniel:// stenberg://I've polished the graph that shows <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> vulnerability age when they were fixed. With median and average ages added.

daniel:// stenberg://So far in 2025, we have received 52 vulnerability reports submitted to <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a>. Two per week on average.5 have been confirmed security problems (and have been published)11 were tagged AI slop; all banned and reported to HackerOne15 were considered "normal bugs"21 were deemed "not applicable" (various reasons)

daniel:// stenberg://Adhere to CI=true environment variable to hide <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a>'s progress bar?<a href="https://github.com/curl/curl/discussions/17838" rel="nofollow noopener" translate="no" target="_blank">https://github.com/curl/curl/discussions/17838</a>

daniel:// stenberg://1.Download <a href="https://curl.se" rel="nofollow noopener" translate="no" target="_blank">https://curl.se</a> using <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> built to use OpenSSL (that is over HTTPS in case Mastodon hides the scheme for you) 2. count number of allocations made with heaptrack 3. pause for gasping 4. double-check that curl only does 134 allocs itself, independently of the downloaded size 5. check the heaptrack number again54,000hm

daniel:// stenberg://I posted "writing C for <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a>" just a short while ago, which is relevant to the recent "C mistake" graphs.<a href="https://daniel.haxx.se/blog/2025/04/07/writing-c-for-curl/" rel="nofollow noopener" translate="no" target="_blank">https://daniel.haxx.se/blog/2025/04/07/writing-c-for-curl/</a>

daniel:// stenberg://You can follow along with the stream of security reports submitted to <a href="https://mastodon.social/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#curl</a> by watching the ones we make public:<a href="https://hackerone.com/curl/hacktivity" rel="nofollow noopener" translate="no" target="_blank">https://hackerone.com/curl/hacktivity</a>Per project policy, we make ALL reports public. (For practical reasons we have so far focused on getting everything submitted during 2025 disclosed. Hackerone has no method to disclose in bulk or automated, so it is a highly manual and tedious process involving a lot of clicks per single report)

Recent searches

Search options

Administered by:

Server stats:

#curl