Jim Fuller

@jimfuller

My own personal thoughts on #programming, #data, #network protocols (tcp/udp/http1.1/2/3/QUIC), #libcurl, sometimes #emacs, genetic alg, #AI red teaming. Not an expert just a simple villager. Senior Principal Software Engineer, PSIRT Red Hat Product Security.

Posts are licenced under CC BY-NC-ND 3.0 unless stated otherwise. I explicitly forbid unauthorised usage of my data.

website: https://blog.jim.fuller.name/about
donate: https://opencollective.com/curl
github: https://github.com/xquery
sponsor me: https://github.com/sponsors/xquery
Welcome Mark Esler as #curl commit author 1474: https://github.com/curl/curl/pull/21651
vtls_scache: include signature_algorithms in the SSL peer cache key by eslerm · Pull Request #21651 · curl/curl

Curl_ssl_peer_key_make() did not include ssl->signature_algorithms in the SSL peer cache key, while match_ssl_primary_config() compares the field. Handles differing only in CURLOPT_SSL_SIGNATURE...

GitHub
Czech police find stolen skull of 13th-century saint and arrest man

Man admits to coating relic in concrete after taking it from church because he objected to it being displayed, police say

The Guardian

First of all, *most* of FOSS security reports nowadays (that I see in #curl and #apache httpd) are non-threatening.

They are edge cases under highly constructed preconditions. Yes, not impossible, but unlikely to be ever encountered.

Before LLMs, no researcher would have invested the time to explore those scenarios. My guess.

Yes, we fix them. But, they could also have been a bug report.💁🏻‍♂️

#curl #curlup nag https://github.com/curl/curl-up/wiki/2026 - May 23-24, 2026 - Prague ... be there to discuss everything curl, networking and much more.
Welcome Song X. Gao as #curl commit author 1469: https://github.com/curl/curl/pull/21528
spnego_sspi: honor CURLOPT_GSSAPI_DELEGATION on Windows SSPI builds by xsgao-github · Pull Request #21528 · curl/curl

What This PR aims to make CURLOPT_GSSAPI_DELEGATION effective on Windows builds that use SSPI (instead of a native GSS-API implementation), so Kerberos delegation can be requested during SPNEGO/Neg...

GitHub

I feel closer to a traditional Japanese knife maker in his backyard shop than to any modern software glitz.

And feeling quite happy and content about it.😌

Welcome Tim Martin as #curl commit author 1467, and Xi Ruoyao number 1468!
Welcome amitbidlan as #curl commit author 1466: https://github.com/curl/curl/pull/21550
hostip: remove unused MAX_HOSTCACHE_LEN and MAX_DNS_CACHE_SIZE by amitbidlan · Pull Request #21550 · curl/curl

These macros are leftovers from 96d5b5c (dnscache: own source file, improvements) which split DNS caching out of hostip.c into lib/dnscache.c. Both macros are still defined and used in dnscache.c; ...

GitHub

Spin to Win:

- a billion-dollar startup gets its source code leaked
- everyone sees hilarious stupid things, ridiculing the startup
- the IPO is in danger

- a Mythical New Product is announced that is ultra-super-good, but too dangerous. Only orgs that have an interest in the startup doing well get access.
- the media goes crazy with doomerisms. „Will this be the end of <something people are emotionally attached to>?“
- everyone forgets about the leaked, shoddy stuff

Works every time.😌

Most AI writes 'features' and not architecture ... and instructing it to generate the latter takes a magnitude more effort than the former ... layer 8 is someone else's definition of fun.