daniel:// stenberg://2d ago

We have received more security reports against #curl in 2026 so far than we did during the entire year back in 2024.

During the first three months we have received twice the amount of reports/week as we did last year.

Show threaddaniel:// stenberg://2d ago

someone in another open source project (to remain anonymous here) replied to my weekly email and said "as a comparison, we received 70 reports last week"

The ongoing "security report overload" is systematic and everywhere now.

Endure fellow maintainers!

Show threadMike Siegel
@bagder I would love to see a graph of security reports per week. There are those who predict the end of vulnerabilities (as these are caught in CI/CD), then there are those who are predicting never ending vulnerabilities. I am guessing reality will be a little more nuanced.
Apr 5 at 5:28pmWeb