curl / Development / Pending Release Notes
Pending RELEASE-NOTES for the upcoming release
This is work in progress and will change before the release goes public on 2024-05-22.
Changes:
- curl_version_info: provide librtmp version
- file: add support for directory listings
- idn: add native AppleIDN (icucore) support for macOS/iOS
- lib: add curl_multi_waitfds
- mbedTLS: implement CURLOPT_SSL_CIPHER_LIST option
- NTLM_WB: drop support
- TLS: add support for ECH (Encrypted Client Hello)
- urlapi: add CURLU_GET_EMPTY for empty queries and fragments
Bugfixes:
- bearssl: fix compiler warnings
- build: prefer `USE_IPV6` macro internally (was: `ENABLE_IPV6`)
- build: remove MacOSX-Framework script
- cd2nroff/manage: use UTC when SOURCE_DATE_EPOCH is set
- cf-socket: remove references to l_ip, l_port
- ci: add curl-for-win builds: Linux MUSL, macOS, Windows
- cmake: add librtmp/rtmpdump option and detection
- CMake: check fseeko after detecting HAVE_FILE_OFFSET_BITS
- cmake: enable `-pedantic-errors` for clang when `CURL_WERROR=ON`
- cmake: fix `CURL_WERROR=ON` for old CMake and use it in GHA/linux-old
- cmake: fixup `DEPENDS` filename
- cmake: forward `USE_LIBRTMP` option to C
- cmake: generate misc manpages and install `mk-ca-bundle.pl`
- cmake: speed up libcurl doc building again
- cmake: tidy-up to use `WORKING_DIRECTORY`
- cmake: use namespaced custom target names
- cmdline-docs: fix make install with configure --disable-docs
- configure: make --disable-docs imply --disable-manual
- content_encoding: brotli and others, pass through 0-length writes
- contrithanks: honor `CURLWWW` variable
- curl-confopts.m4: define CARES_NO_DEPRECATED when c-ares is used
- curl: make --help adapt to the terminal width
- curl: use curl_getenv instead of the curlx_ version
- Curl_creader_read: init two variables to avoid using them uninited
- curl_global_trace.md: shorten the description
- curl_sha512_256: do not use workaround for NetBSD when not needed
- curl_sha512_256: fix detection of OpenSSL 1.1.1 or later
- curl_url_get.md: clarify queries and fragments and CURLU_GET_EMPTY
- CURLINFO_REQUEST_SIZE: fixed, add tests for transfer infos reported
- cw-out: improved error handling
- dist: `set -eu`, fix shellcheck, make reproducible and smaller tarballs
- dist: add files missing from release tarball
- dist: add reproducible dir entries to tarballs
- dist: do not require Perl in `maketgz`
- dist: remove the curl-config.1 from the tarball
- dist: verify tarball reproducibility in CI
- DISTROS: Cygwin updates
- dllmain: Call OpenSSL thread cleanup for Windows and Cygwin
- doc: pytest `--repeat` -> `--count`
- docs/cmdline-opts: invoke managen using a relative path
- docs/MAIL-ETIQUETTE: convert to markdown
- docs: add CURLOPT_NOPROGRESS to CURLOPT_XFERINFOFUNCTION example
- docs: clarify CURLOPT_MAXFILESIZE and CURLOPT_MAXFILESIZE_LARGE
- file: remove useless assignment
- ftp: fix socket leak on rare error
- GHA: add shellcheck job and fix warnings, shell tidy-ups
- GHA: add valgrind to a wolfSSL build
- GHA: on macOS remove $HOME/.curlrc
- gnutls: lazy init the trust settings
- http/2, http/3: decouple stream state from easy handle
- http2 + ngtcp2: pass CURLcode errors from callbacks
- http2: emit RST when client write fails
- http: acknowledge a returned error code
- http: reject HTTP major version switch mid connection
- http: with chunked POST forced, disable length check on read callback
- http_aws_sigv4: remove useless assignment
- idn: make Curl_idnconvert_hostname() use Curl_idn_decode()
- INSTALL-CMAKE.md: explain `cmake -G <generator-name>`
- lib: add trace support for client reads and writes
- lib: merge `ENABLE_QUIC` C macro into `USE_HTTP3`
- lib: silence warnings on comma misuse
- lib: use `#error` instead of invalid syntax in `curl_setup_once.h`
- lib: use multi instead of multi_easy for the active multi
- libcurl-opts: mention pipelining less
- libssh2: set length to 0 if strdup failed
- m4: fix rustls pkg-config codepath
- makefile: remove the sorting from the vc-ide action
- maketgz: put docs/RELEASE-TOOL.md into the tarball
- mbedtls: call mbedtls_ssl_setup() after RNG callback is set
- mbedtls: cut off trailing newlines from debug logs
- mbedtls: fix building with v3 in CMake Unity mode
- misc: fix typos
- mprintf: check fputc error rather than matching returned character
- mqtt: when Curl_xfer_recv returns error, don't use nread
- multi: introduce SETUP state for better timeouts
- multi: remove the unused Curl_preconnect function
- multi: timeout handles even without connection
- openldap: create ldap URLs correctly for IPv6 addresses
- openssl: do not set SSL_MODE_RELEASE_BUFFERS
- OS400: fix shellcheck warnings in scripts
- projects: drop MSVC project files for recent versions
- quic: fixup duplicate static function name (for cmake unity)
- quiche: expire all active transfers on connection close
- RELEASE-PROCEDURE: mention an initial working build
- request: make Curl_req_init return void
- request: paused upload on completed download, assess connection
- reuse: add copyright + license info to individual docs/*.md files
- ROADMAP: remove completed entries, mention websocket
- rustls: remove incorrect SSLSUPP_TLS13_CIPHERSUITES flag
- sendf: fix two typos in comments
- sendf: useless assignment in cr_lc_read()
- smtp: result of Curl_bufq_cread was not used
- telnet: check return code from fileno()
- tests/http: fix compiler warning
- tests: add -q as first option when invoking curl for tests
- tests: check caddy server version to match test expectations
- tests: enable test 1117 for hyper
- tests: fix feature case in test1481
- tls: fix SecureTransport + BearSSL cmake unity builds
- tls: use shared init code for TCP+QUIC
- tool_getparam: output warning for leading unicode quote character
- tool_operate: don't truncate the etag save file by default
- tool_operate: init vars unconditionally in post_per_transfer
- tool_paramhlp: remove duplicate assign
- tool_xattr: "guess" URL scheme if none is provided
- tool_xattr: in debug builds, act normally if CURL_FAKE_XATTR is not set
- transfer: remove useless assignment
- url: do not URL decode proxy crendentials
- url: fix use of an uninitialized variable
- urlapi: allow setting port number zero
- urlapi: fix relative redirects to fragment-only
- urldata: remove fields not used depending on used features
- vquic: use CURL_FORMAT_CURL_OFF_T for 64 bit printf output
- winbuild: add ENABLE_WEBSOCKETS option
- winbuild: use $(RC) correctly
- wolfssl: plug memory leak in wolfssl_connect_step2()
Contributors:
Abdullah Alyan, blankie, Brian Inglis, Carlos Henrique Lima Melara, Christian Schmitz, Chris Webb, Colin Leroy-Mira, Dagfinn Ilmari Mannsåker, Dan Fandrich, Daniel J. H., Daniel McCarney, Daniel Stenberg, Dmitry Karpov, Emanuele Torre, Evgeny Grin (Karlson2k), Fabian Keil, Gisle Vanem, Gusted, hammlee96 on github, Harry Sintonen, Hongfei Li, Jan Macku, Jan Venekamp, Jeff King, Jérôme Leclercq, Jiwoo Park, Jonatan Vela, Kailun Qin, kalvdans on github, Keitagit-kun on github, Konstantin Kuzov, kpcyrd on github, Laramie Leavitt, Marcel Raad, Matt Jolly, Michael Kaufmann, Michał Antoniak, Patrick Monnerat, Paul Howarth, Pavel Kropachev, Rahul Krishna M, RainRat, Ray Satiro, riastradh on github, Robert Moreton, Sanjay Pujare, Sergey Bronnikov, Sergey Ogryzkov, Sergio Durigan Junior, southernedge on github, Stefan Eissing, Stephen Farrell, Tal Regev, Tobias Stoeckmann, Toon Claes, Viktor Szakats, zmcx16 on github