Pending RELEASE-NOTES for the upcoming release

This is work in progress and will change before the release goes public on 2025-05-28.

Changes:

Bugfixes:

• async-threaded resolver: use ref counter
• build: check required rustls-ffi version
• certs: drop unused `default_bits` from `.prm` files
• cmake/FindNGTCP2: simplify multi-pkg-config detection
• cmake: quotes, whitespace, use `VERSION_GREATER_EQUAL`
• cmake: use `INCLUDE_DIRECTORIES` prop to specify local header dirs
• cmake: use absolute paths for completion targets
• configure: fix --disable-rt
• configure: restore link checks
• conncache: make Curl_cpool_init return void
• content_encoding: Transfer-Encoding parser improvements
• contrithanks.sh: drop set -e
• curl_krb5: only use functions if FTP is still enabled
• curl_multibyte: fixup low-level calls, include in unity builds
• docs: fix incorrect shell substitution in docker run example command
• eventfd: fix feature guards
• genserv.pl: fail with a message if `openssl` is missing or failing
• hostip: fix build without threaded-resolver and without DoH
• hostip: show the correct name on proxy resolve error
• http2: fix stream window size after unpausing
• HTTP3.md: fix incorrect variable placeholders
• http: fix a build error when all auths are disabled
• http_aws_sigv4: add additional verbose log statements
• http_negotiate: fix non-SSL build with GSSAPI
• https-connect: fix httpsrr target check
• if2ip: build the function also if FTP is present
• INSTALL-CMAKE.md: fix typo
• INSTALL.md: update the minimal libcurl size example
• KNOWN_BUGS: fix link in sivg4 issue 16.3
• lib: add const to clientwriter tables
• lib: include files using known path
• lib: make Curl_easyopts const
• lib: unify conversions to/from hex
• libtest/first: stop defining MEMDEBUG_NODEFINES
• make: clean tests better
• mk-ca-bundle.pl: follow redirects
• openssl-quic: fix shutdown when stream not open
• parsedate: provide Curl_wkday also for GnuTLS builds
• processhelp.pm: avoid potential endless loop, log more (Windows)
• rand: update comment on Curl_rand_bytes weak random
• rustls: make max size of cert and key reasonable
• scripts: completion.pl: sort the completion file for all shells
• scripts: fix --opts-dir help in completion.pl
• socket: use accept4 when available
• socketpair: support pipe2 where available
• test1658: add unit test for the HTTPS RR decoder
• test: make unittest 1308 into a libtest
• tests/ech_tests.sh: sync shebang with rest of bash scripts
• tests/README.md: document --test-duphandle
• tests/README.md: list the openssl tool among the prerequisites
• tests/serverhelp: remove last remnants of http-pipe server
• tests/tunit: make a separate directory for tool-based unit tests
• tests: Add https-mtls server to force client auth
• tests: fix some test tag mismatches
• tests: mark ipfs tests to require ipfs
• tests: move a boolean variable out of the path section
• tests: prefer `--insecure` over `-k`
• tests: remove some unused test case sections
• tests: unify test case keywords
• tests: use a more portable null device path
• VERSIONS: list all past releases
• vtls: fix build with ssl but without http
• winbuild: add the deprecation warning to the README

Contributors:

Abhinav Singhal, Andrew Kirillov, Andy Pan, Carlos Henrique Lima Melara, Dagobert Michelsen, Dan Fandrich, Daniel Engberg, Daniel McCarney, Daniel Stenberg, Demi Marie Obenour, dependabot[bot], Harry Sintonen, Jake Yuesong Li, Jean-Christophe Amiel, Johan Eliasson, Jonathan Rosa, Kai Pastor, Nigel Brittain, Pavel Kropachev, Ray Satiro, renovate[bot], Stefan Eissing, Tomas Volf, Viktor Szakats, x1sc0 on github, Yedaya Katsman