Commit Graph

233 Commits

Author SHA1 Message Date
Daniel Stenberg
c3b27c3141
.github/workflows/macos.yml: add a libssh job with c-ares
... to enable the memdebug system

Closes #8720
2022-04-19 16:31:00 +02:00
Daniel Stenberg
7e99db829c
GHA: move bearssl jobs over from zuul
Closes #8684
2022-04-07 08:36:38 +02:00
Daniel Stenberg
51d271213b
GHA: add openssl3 jobs moved over from zuul
Closes #8683
2022-04-07 08:35:10 +02:00
Philip H
8c3859b2a3
ci/event-based.yml: improve impacket install
skip python3-pip
install impacket with library module

Closes #8621
2022-03-22 16:38:47 +01:00
Daniel Stenberg
ea0ada834e
GHA: --enable-headers-api in all workflows 2022-03-22 08:24:26 +01:00
Daniel Stenberg
5bb4d3ec06
gha: move the event-based test over from Zuul
Switched libssh2 to libssh

Closes #8490
2022-03-21 17:39:49 +01:00
Philip H
22d33956ec
CI: Do not use buildconf. Instead, just use: autoreconf -fi
Closes #8596
2022-03-15 14:15:35 +01:00
Marc Hoersken
f9b212cc84
CI: install Python package impacket to run SMB test 1451
Install Python package impacket in relevant CI workflows.

Follow up to #7935
Supersedes #7940
Closes #8544
2022-03-06 21:22:58 +01:00
Daniel Stenberg
2207066446
GHA: build hyper with nightly rustc
Closes #8545
2022-03-05 23:47:18 +01:00
Daniel Stenberg
2bb5e1c3df
gha: add a macOS CI job with libssh
Closes #8513
2022-02-25 23:26:38 +01:00
Daniel Stenberg
3738de3bd1
configure: requires --with-nss-deprecated to build with NSS
Add deprecation plans to docs/DEPRECATE.md

Closes #8395
2022-02-09 16:33:26 +01:00
Sebastian Sterk
436398bef5
github/workflows/mbedtls: fix indent & remove unnecessary line breaks
Closes #8399
2022-02-07 23:13:57 +01:00
Daniel Stenberg
47fc8a4be6
CI: move the NSS job from zuul to GHA
Closes #8396
2022-02-07 22:53:23 +01:00
Harry Sarson
6c82e3f42d
CI: test building wolfssl with --enable-opensslextra
Closes #8315
2022-01-21 23:04:15 +01:00
pheiduck on githuh
f558534e22
workflows/wolfssl: install impacket
needed Python Package for SMB tests

Closes #8307
2022-01-20 11:22:52 +01:00
Daniel Stenberg
5bf1c4681a
GHA: install stunnel in the medbtls + wolfssl CI jobs
Closes #8252
2022-01-09 18:08:02 +01:00
Daniel Stenberg
70a1101e41
CI: move the rustls CI job to GHA from Zuul
Closes #8251
2022-01-09 16:07:48 +01:00
Daniel Stenberg
c07aca3baa
.github/workflows/mbedtls.yml: bump to mbedtls 3.1.0
Closes #8215
2022-01-03 09:13:50 +01:00
Daniel Stenberg
4f4cf0842e
github/workflows: add mbedtls and mbedtls-clang
Closes #8215
2022-01-03 09:13:34 +01:00
Daniel Stenberg
d82ad1f1ea
github workflow: add wolfssl
Closes #8196
2021-12-28 15:44:29 +01:00
Daniel Stenberg
ed0bc61e31
linkcheck.yml: add CI job that checks markdown links
Closes #8158
2021-12-17 09:17:09 +01:00
Daniel Stenberg
9108da2c26
cmake: private identifiers use CURL_ instead of CMAKE_ prefix
Since the 'CMAKE_' prefix is reserved for cmake's own private use.
Ref: https://cmake.org/cmake/help/latest/manual/cmake-variables.7.html

Reported-by: Boris Rasin
Fixes #7988
Closes #8044
2021-11-23 08:46:41 +01:00
Kevin Burke
c844358299
.github: retry macos "brew install" command on failure
Previously we saw errors attempting to run "brew install", see
https://github.com/curl/curl/runs/4095721123?check_suite_focus=true for
an example, since this command is idempotent, it is safe to run again.

Closes #7955
2021-11-04 13:55:03 +01:00
Marc Hoersken
1db383dc86
github: fix incomplete permission to label PRs for Hacktoberfest
Unfortunately the GitHub API requires a token with write permission
for both issues and pull-requests to edit labels on even just PRs.

Follow up to #7897
2021-10-27 22:08:20 +02:00
Marc Hoersken
80450f85cc
github: fix missing permission to label PRs for Hacktoberfest
Follow up to #7897

Test references to see if permissions are now sufficient:

Closes #7832
Closes #7897
2021-10-27 12:40:15 +02:00
Marc Hoersken
74d46aee28
CI: more use of test-ci make target and verbose output
Replace test-nonflaky with test-ci and enable verbose output
in all remaining CIs except Zuul which is customized a lot.

Reviewed-by: Daniel Stenberg
Reviewed-by: Jay Satiro

Follow up to #7785
Closes #7832
2021-10-27 12:33:18 +02:00
Marc Hoersken
f0ab8a631a
github: add support for Hacktoberfest using labels
Automatically add hacktoberfest-accepted label to PRs opened between
September 30th and November 1st once a commit with a close reference
to it is pushed onto the master branch.

With this workflow we can participate in Hacktoberfest while not
relying on GitHub to identify PRs as merged due to our rebasing.

Requires hacktoberfest-accepted labels to exist for PRs on the
participating repository. Also requires hacktoberfest topic on
the participating repository to avoid applying to forked repos.

Reviewed-by: Daniel Stenberg

Fixes #7865
Closes #7897
2021-10-27 12:26:31 +02:00
Marc Hoersken
ab1671cafe
CI/makefiles: introduce dedicated test target
Make it easy to use the same set of test flags
throughout all current and future CI builds.

Reviewed-by: Jay Satiro

Follow up to #7690
Closes #7785
2021-10-08 20:16:15 +02:00
Jay Satiro
4729c25180 codeql: fix error "Resource not accessible by integration"
- Enable codeql writing security-events.

GitHub set the default permissions to read, apparently since earlier
this year.

Ref: https://github.com/github/codeql-action/issues/464
Ref: https://github.blog/changelog/2021-04-20-github-actions-control-permissions-for-github_token/

Fixes https://github.com/curl/curl/issues/7575
Closes https://github.com/curl/curl/pull/7576
2021-08-17 03:32:10 -04:00
Daniel Stenberg
5ae49f9534
GHA: run all tests for hyper too
As it lists disabled ones in DISABLED now

Closes #7209
2021-06-10 08:42:59 +02:00
Daniel Stenberg
3d01b75077
GHA: add several libcurl tests to the hyper job
500 to 512
2021-06-07 23:54:54 +02:00
Daniel Stenberg
33812ad33d
GHA: run the newly fixed tests with hyper
Closes #7205
2021-06-07 23:14:11 +02:00
Daniel Stenberg
b28a88951d
GHA: add a linux-hyper job
Closes #7206
2021-06-07 17:31:07 +02:00
Daniel Stenberg
265b14d6b3
metalink: remove
Warning: this will make existing curl command lines that use metalink to
stop working.

Reasons for removal:

1. We've found several security problems and issues involving the
   metalink support in curl. The issues are not detailed here. When
   working on those, it become apparent to the team that several of the
   problems are due to the system design, metalink library API and what
   the metalink RFC says. They are very hard to fix on the curl side
   only.

2. The metalink usage with curl was only very briefly documented and was
   not following the "normal" curl usage pattern in several ways, making
   it surprising and non-intuitive which could lead to further security
   issues.

3. The metalink library was last updated 6 years ago and wasn't so
   active the years before that either. An unmaintained library means
   there's a security problem waiting to happen. This is probably reason
   enough.

4. Metalink requires an XML parsing library, which is complex code (even
   the smaller alternatives) and to this day often gets security
   updates.

5. Metalink is not a widely used curl feature. In the 2020 curl user
   survey, only 1.4% of the responders said that they'd are using it. In
   2021 that number was 1.2%. Searching the web also show very few
   traces of it being used, even with other tools.

6. The torrent format and associated technology clearly won for
   downloading large files from multiple sources in parallel.

Cloes #7176
2021-06-07 08:14:25 +02:00
Daniel Stenberg
4b3d8f3558
github: remove the cmake macOS gcc-8 jobs
They're too similar to the gcc-9 ones to be useful (and seems to not
work anymore).

Closes #7187
2021-06-04 08:30:26 +02:00
Daniel Stenberg
f7d1273cf9
github: timeout jobs on macOS after 90 minutes
Assisted-by: Marc Hoersken
Closes #7173
2021-06-02 16:00:42 +02:00
Daniel Stenberg
e53a0f6833
github: inhibit deprecated declarations for clang on macOS
... as they otherwise cause ldap build errors in the CI.

Fixes #7081
Closes #7082
2021-05-17 22:45:46 +02:00
Daniel Stenberg
40ea52a241
github: add a workflow with libssh2 on macOS using cmake
Closes #7047
2021-05-16 23:21:12 +02:00
Tobias Gabriel
0acfe05c2e
.github/FUNDING: add link to GitHub sponsors
Closes #6985
2021-05-03 16:46:30 +02:00
Ayushman Singh Chauhan
6aae7b1761
docs: camelcase it like GitHub everywhere
Closes #6979
2021-04-28 08:16:20 +02:00
Daniel Stenberg
e052bbcd57
ci: adapt to configure requiring an explicit TLS choice 2021-04-22 23:19:47 +02:00
Daniel Stenberg
7bdec2a08b
configure: provide --with-openssl, deprecate --with-ssl
Makes the option more explicit.

Closes #6887
2021-04-15 09:08:34 +02:00
Anthony Shaw
2908a8232c
github/workflow: add "security-extended" to codeql-analysis.yml
Extends the CodeQL code scan.

Closes #6815
2021-04-09 15:46:31 +02:00
Daniel Stenberg
6dc03053d1
github: add torture-ftp for FTP-only torture testing
and at 20% to try to keep the run-time reasonable

Closes #6728
2021-03-12 23:36:38 +01:00
XhmikosR
78617b48e4
CI: fix warning with the latest versions
`git checkout HEAD^2` is no longer needed

Closes #6369
2020-12-25 16:21:14 +01:00
Daniel Stenberg
d16fb4d056
Revert "CI/github: work-around for brew breakage on macOS"
This reverts commit 4cbb17a2cb.

... as the work-around now causes failures.

Closes #6332
2020-12-16 14:37:41 +01:00
Daniel Stenberg
4d2f800677
curl.se: new home
Closes #6172
2020-11-04 23:59:47 +01:00
Daniel Stenberg
4cbb17a2cb
CI/github: work-around for brew breakage on macOS
... and make it use OpenSSL 1.1 properly

Fixes #6130
Closes #6129
2020-10-26 22:14:53 +01:00
Daniel Stenberg
96450a1a33
alt-svc: enable by default
Remove CURLALTSVC_IMMEDIATELY, which was never implemented/supported.

alt-svc support in curl is no longer considered experimental

Closes #5868
2020-10-25 23:08:54 +01:00
Daniel Stenberg
cd048aaa28
github: remove the duplicate "Security vulnerability" entry
... since github adds an entry automatically by itself.

Closes #5970
2020-09-17 15:22:11 +02:00
Emil Engler
48fb543d7f
github: use new issue template feature
This helps us to avoid getting feature requests as well as security
bugs reported into the issue tracker.

Closes #5936
2020-09-17 13:58:18 +02:00
Daniel Stenberg
2429f45a97
TLS naming: fix more Winssl and Darwinssl leftovers
The CMake option is now called CMAKE_USE_SCHANNEL

The winbuild flag is USE_SCHANNEL

The CI jobs and build scripts only use the new names and the new name
options

Tests now require 'Schannel' (when necessary)

Closes #5795
2020-08-08 00:19:21 +02:00
Marcel Raad
730dc48253
CI/macos: set minimum macOS version
This enables some deprecation warnings.
Previously, autotools defaulted to 10.8.

Closes https://github.com/curl/curl/pull/5723
2020-07-26 16:31:33 +02:00
Marcel Raad
05904db861
CI/macos: enable warnings as errors for CMake builds
Closes https://github.com/curl/curl/pull/5716
2020-07-25 08:51:11 +02:00
Marcel Raad
ff8b6ce05f
CI/macos: unconditionally enable warnings-as-errors with autotools
Previously, warnings were only visible in the output for most jobs.

Closes https://github.com/curl/curl/pull/5694
2020-07-19 10:35:19 +02:00
Marc Hoersken
a88fe0fd14
workflows: limit what branches to run CodeQL on
Align CodeQL action with existing CI actions:
- Update branch filter to avoid duplicate CI runs.
- Shorten workflow name due to informative job name.

Reviewed-by: Daniel Stenberg

Closes #5660
2020-07-13 21:01:03 +02:00
Daniel Stenberg
7de2a4ce35
codeql-analysis.yml: fix the 'languages' setting
It needs a 'with:' in front of it.
2020-06-26 08:49:47 +02:00
Daniel Stenberg
7183f5acc3
gtihub: codeql-analysis.yml
enables code security scanning with github actions
2020-06-26 01:06:05 +02:00
Marc Hoersken
0900b03ecf
CI/macos: fix 'is already installed' errors by using bundle
Avoid failing CI builds due to nghttp2 being already installed.

Closes #5513
2020-06-03 20:18:36 +02:00
Daniel Stenberg
23a3ab9dd5
github/workflow: enable MQTT in the macOS debug build 2020-04-14 13:04:10 +02:00
Marc Hoersken
638b8558d1
CI/macos: convert CRLF to LF and align indentation 2020-04-10 00:59:35 +02:00
Daniel Stenberg
6435aaa70b
github actions: run when pushed to master or */ci + PRs
Avoid double-builds when using "local" branches for PRs. For both macos
and fuzz jobs.

Closes #5201
2020-04-08 14:19:08 +02:00
Leo Neat
4506607b44
CI-fuzz: increase fuzz time to 40 minutes
Closes #5174
2020-04-02 23:56:19 +02:00
Marc Hoersken
7e8a1a0875
CI: remove default Ubuntu build from GitHub Actions
We are already running a very similar Ubuntu build on Travis CI.
The macOS variant of this default build is kept on Github Actions.
2020-03-24 18:25:21 +01:00
Marc Hoersken
fd7afa7d39
CI: bring GitHub Actions fuzzing job in line with macOS jobs
Update YAML formatting, job naming and triggers.
2020-03-24 18:19:35 +01:00
Marc Hoersken
840df8b0d9
CI: migrate macOS jobs from Azure and Travis CI to GitHub Actions
Reduce workload on Azure Pipelines and Travis CI while
consolidating macOS jobs onto less utilized GitHub Actions.

Reviewed-by: Daniel Stenberg

Closes #5124
2020-03-24 18:18:15 +01:00
Daniel Stenberg
ea1b2eb976
CIfuzz: switch off 'dry_run' mode
Follow-up from #4960: now make it fail if it detects problems.

Closes #4998
2020-02-28 16:50:43 +01:00
Leo Neat
7224e70f40
github action: add CIFuzz
Closes #4960
2020-02-21 08:56:44 +01:00
Emil Engler
11ee0640ac
github: Instructions to post "uname -a" on Unix systems in issues
Closes #4896
2020-02-08 18:13:46 +01:00
Daniel Stenberg
ab712afa8f
github action/azure pipeline: run 'make test-nonflaky' for tests
To match travis and give more info on failures.
2019-12-03 19:30:34 +01:00
Daniel Stenberg
df26f5f9c3
CI: inintial github action job
First shot at a CI build on github actions
2019-09-14 20:25:43 +02:00
Daniel Stenberg
be01f475ed
.github/FUNDING: mention our opencollective "home" [ci skip] 2019-05-23 11:16:23 +02:00
Daniel Stenberg
10e4dd6a7b
docs/BUG-BOUNTY: bug bounty time [skip ci]
Introducing the curl bug bounty program on hackerone. We now recommend
filing security issues directly in the hackerone ticket system which
only is readable to curl security team members.

Assisted-by: Daniel Gustafsson

Closes #3488
2019-04-22 17:19:19 +02:00
Daniel Stenberg
3ed3db5c04 github/lock: auto-lock closed issues after 90 days of inactivity 2018-05-05 14:05:57 +02:00
Jay Satiro
274983b774 ISSUE_TEMPLATE: Add a comment not to file security issues on github 2017-07-11 11:48:37 -04:00
Daniel Stenberg
ced57e9a95 .github/stale.yml: enable the stale bot
Issues and PRs with no activity for 180 days will get marked as stale,
and if no further activity happens within 14 more days, the issue gets
closed.

This follows our established policy of not letting stalled bugs "get in
the way": https://curl.haxx.se/docs/bugs.html#Closing_off_stalled_bugs

Closes #1398
2017-04-09 00:08:51 +02:00
Daniel Stenberg
7c847ab9d5 ISSUE_TEMPLATE: for bugs, ask questions on the mailing list
and try to add the top comment within an HTML comment in the hope
that it might get hidden if the text is kept
2017-03-10 10:32:01 +01:00
Daniel Stenberg
5fad800efd ISSUE_TEMPLATE: try mentioning known bugs/todo in new issue template 2016-12-11 19:37:44 +01:00
Daniel Stenberg
27302abb94 s/cURL/curl
We're mostly saying just "curl" in lower case these days so here's a big
cleanup to adapt to this reality. A few instances are left as the
project could still formally be considered called cURL.
2016-11-07 10:36:23 +01:00
Daniel Gustafsson
8331b08d22 docs: Fix link to CONTRIBUTE in Github contribution guidelines (#994) 2016-09-06 10:35:00 +02:00
Daniel Stenberg
414055dc6d CONTRIBUTING.md: fix links 2016-02-18 11:59:17 +01:00
Daniel Stenberg
b7cd7aabd4 ISSUE_TEMPLATE: github issue template
First version, try this out!
2016-02-18 11:55:59 +01:00
Daniel Stenberg
4c6ca527b0 CONTRIBUTING.md: move into .github
To hide github specific files somewhat from the rest.
2016-02-18 11:52:25 +01:00