curl/docs/DEPRECATE.md

# Items to be removed from future curl releases

If any of these deprecated features is a cause for concern for you, please
email the
[curl-library mailing list](https://lists.haxx.se/listinfo/curl-library)
as soon as possible and explain to us why this is a problem for you and
how your use case cannot be satisfied properly using a workaround.

## NSS

We remove support for building curl with the NSS TLS library in August 2023.

- There are very few users left who use curl+NSS
- NSS has very few users outside of curl as well (primarily Firefox)
- NSS is harder than ever to find documentation for
- NSS was always "best" used with Red Hat Linux when they provided additional
  features on top of the regular NSS that is not shipped by the vanilla library

Starting in 7.82.0, building curl to use NSS configure requires the additional
flag --with-nss-deprecated in an attempt to highlight these plans.

## NPN

We make selecting NPN a no-op starting in August 2022.

**Next Protocol Negotiation** is a TLS extension that was created and used for
agreeing to use the SPDY protocol (the precursor to HTTP/2) for HTTPS. In the
early days of HTTP/2, before the spec was finalized and shipped, the protocol
could be enabled using this extension with some servers.

curl supports the NPN extension with some TLS backends since then, with a
command line option `--npn` and in libcurl with `CURLOPT_SSL_ENABLE_NPN`.

HTTP/2 proper is made to use the ALPN (Application-Layer Protocol Negotiation)
extension and the NPN extension has no purposes anymore. The HTTP/2 spec was
published in May 2015.

Today, use of NPN in the wild should be extremely rare and most likely totally
extinct. Chrome removed NPN support in Chrome 51, shipped in
June 2016. Removed in Firefox 53, April 2017.

## past removals

 - Pipelining
 - axTLS
 - PolarSSL
DEPRECATE: new doc describing planned item removals Closes #2704 2018-07-01 19:22:53 +08:00			`# Items to be removed from future curl releases`

docs/DEPRECATE.md: spelling and minor formatting 2018-07-02 14:14:53 +08:00			`If any of these deprecated features is a cause for concern for you, please`
DEPRECATE.md: linkify curl-library mailing list Closes #7561 2021-08-12 20:44:26 +08:00			`email the`
mailing lists: move from cool.haxx.se to lists.haxx.se 2021-08-30 15:51:07 +08:00			`[curl-library mailing list](https://lists.haxx.se/listinfo/curl-library)`
DEPRECATE.md: linkify curl-library mailing list Closes #7561 2021-08-12 20:44:26 +08:00			`as soon as possible and explain to us why this is a problem for you and`
docs: reduce/avoid English contractions You're => You are Hasn't => Has not Doesn't => Does not Don't => Do not You'll => You will etc Closes #7930 2021-10-31 23:34:44 +08:00			`how your use case cannot be satisfied properly using a workaround.`
CURLOPT_DNS_USE_GLOBAL_CACHE: deprecated Disable the CURLOPT_DNS_USE_GLOBAL_CACHE option and mark it for deprecation and complete removal in six months. Bug: https://curl.haxx.se/mail/lib-2018-09/0010.html Closes #2942 2018-09-05 06:05:46 +08:00
configure: requires --with-nss-deprecated to build with NSS Add deprecation plans to docs/DEPRECATE.md Closes #8395 2022-02-07 21:20:03 +08:00			`## NSS`

DEPRECATE.md: push the NSS deprecation date forward one year to 2023 URL: https://curl.se/mail/lib-2022-08/0016.html 2022-08-17 16:06:11 +08:00			`We remove support for building curl with the NSS TLS library in August 2023.`
configure: requires --with-nss-deprecated to build with NSS Add deprecation plans to docs/DEPRECATE.md Closes #8395 2022-02-07 21:20:03 +08:00
			`- There are very few users left who use curl+NSS`
			`- NSS has very few users outside of curl as well (primarily Firefox)`
			`- NSS is harder than ever to find documentation for`
			`- NSS was always "best" used with Red Hat Linux when they provided additional`
docs: lots of minor language polish Mostly based on recent language decisions from "everything curl": - remove contractions (isn't => is not) - an HTTP (consistency) - runtime (no hyphen) - backend (no hyphen) - URL is uppercase Closes #8646 2022-03-29 19:58:11 +08:00			`features on top of the regular NSS that is not shipped by the vanilla library`
configure: requires --with-nss-deprecated to build with NSS Add deprecation plans to docs/DEPRECATE.md Closes #8395 2022-02-07 21:20:03 +08:00
			`Starting in 7.82.0, building curl to use NSS configure requires the additional`
			`flag --with-nss-deprecated in an attempt to highlight these plans.`

docs/DEPRECATE: remove NPN support in August 2022 Closes #8458 2022-02-16 18:22:25 +08:00			`## NPN`

			`We make selecting NPN a no-op starting in August 2022.`

			`Next Protocol Negotiation is a TLS extension that was created and used for`
			`agreeing to use the SPDY protocol (the precursor to HTTP/2) for HTTPS. In the`
			`early days of HTTP/2, before the spec was finalized and shipped, the protocol`
			`could be enabled using this extension with some servers.`

			`curl supports the NPN extension with some TLS backends since then, with a`
			command line option `--npn` and in libcurl with `CURLOPT_SSL_ENABLE_NPN`.

			`HTTP/2 proper is made to use the ALPN (Application-Layer Protocol Negotiation)`
			`extension and the NPN extension has no purposes anymore. The HTTP/2 spec was`
			`published in May 2015.`

			`Today, use of NPN in the wild should be extremely rare and most likely totally`
			`extinct. Chrome removed NPN support in Chrome 51, shipped in`
			`June 2016. Removed in Firefox 53, April 2017.`

configure: requires --with-nss-deprecated to build with NSS Add deprecation plans to docs/DEPRECATE.md Closes #8395 2022-02-07 21:20:03 +08:00			`## past removals`
PolarSSL: deprecate support step 1. Removed from configure. Also removed mentions from most docs. Discussed: https://curl.haxx.se/mail/lib-2019-05/0045.html Closes #3888 2019-05-15 19:57:16 +08:00
polarssl: removed As detailed in DEPRECATE.md, the polarssl support is now removed after having been disabled for 6 months and nobody has missed it. The threadlock files used by mbedtls are renamed to an 'mbedtls' prefix instead of the former 'polarssl' and the common functions that previously were shared between mbedtls and polarssl and contained the name 'polarssl' have now all been renamed to instead say 'mbedtls'. Closes #4825 2020-01-16 15:17:04 +08:00			`- Pipelining`
			`- axTLS`
			`- PolarSSL`