Commit Graph

70 Commits

Author SHA1 Message Date
Harry Sarson
6c82e3f42d
CI: test building wolfssl with --enable-opensslextra
Closes #8315
2022-01-21 23:04:15 +01:00
pheiduck on githuh
f558534e22
workflows/wolfssl: install impacket
needed Python Package for SMB tests

Closes #8307
2022-01-20 11:22:52 +01:00
Daniel Stenberg
5bf1c4681a
GHA: install stunnel in the medbtls + wolfssl CI jobs
Closes #8252
2022-01-09 18:08:02 +01:00
Daniel Stenberg
70a1101e41
CI: move the rustls CI job to GHA from Zuul
Closes #8251
2022-01-09 16:07:48 +01:00
Daniel Stenberg
c07aca3baa
.github/workflows/mbedtls.yml: bump to mbedtls 3.1.0
Closes #8215
2022-01-03 09:13:50 +01:00
Daniel Stenberg
4f4cf0842e
github/workflows: add mbedtls and mbedtls-clang
Closes #8215
2022-01-03 09:13:34 +01:00
Daniel Stenberg
d82ad1f1ea
github workflow: add wolfssl
Closes #8196
2021-12-28 15:44:29 +01:00
Daniel Stenberg
ed0bc61e31
linkcheck.yml: add CI job that checks markdown links
Closes #8158
2021-12-17 09:17:09 +01:00
Daniel Stenberg
9108da2c26
cmake: private identifiers use CURL_ instead of CMAKE_ prefix
Since the 'CMAKE_' prefix is reserved for cmake's own private use.
Ref: https://cmake.org/cmake/help/latest/manual/cmake-variables.7.html

Reported-by: Boris Rasin
Fixes #7988
Closes #8044
2021-11-23 08:46:41 +01:00
Kevin Burke
c844358299
.github: retry macos "brew install" command on failure
Previously we saw errors attempting to run "brew install", see
https://github.com/curl/curl/runs/4095721123?check_suite_focus=true for
an example, since this command is idempotent, it is safe to run again.

Closes #7955
2021-11-04 13:55:03 +01:00
Marc Hoersken
1db383dc86
github: fix incomplete permission to label PRs for Hacktoberfest
Unfortunately the GitHub API requires a token with write permission
for both issues and pull-requests to edit labels on even just PRs.

Follow up to #7897
2021-10-27 22:08:20 +02:00
Marc Hoersken
80450f85cc
github: fix missing permission to label PRs for Hacktoberfest
Follow up to #7897

Test references to see if permissions are now sufficient:

Closes #7832
Closes #7897
2021-10-27 12:40:15 +02:00
Marc Hoersken
74d46aee28
CI: more use of test-ci make target and verbose output
Replace test-nonflaky with test-ci and enable verbose output
in all remaining CIs except Zuul which is customized a lot.

Reviewed-by: Daniel Stenberg
Reviewed-by: Jay Satiro

Follow up to #7785
Closes #7832
2021-10-27 12:33:18 +02:00
Marc Hoersken
f0ab8a631a
github: add support for Hacktoberfest using labels
Automatically add hacktoberfest-accepted label to PRs opened between
September 30th and November 1st once a commit with a close reference
to it is pushed onto the master branch.

With this workflow we can participate in Hacktoberfest while not
relying on GitHub to identify PRs as merged due to our rebasing.

Requires hacktoberfest-accepted labels to exist for PRs on the
participating repository. Also requires hacktoberfest topic on
the participating repository to avoid applying to forked repos.

Reviewed-by: Daniel Stenberg

Fixes #7865
Closes #7897
2021-10-27 12:26:31 +02:00
Marc Hoersken
ab1671cafe
CI/makefiles: introduce dedicated test target
Make it easy to use the same set of test flags
throughout all current and future CI builds.

Reviewed-by: Jay Satiro

Follow up to #7690
Closes #7785
2021-10-08 20:16:15 +02:00
Jay Satiro
4729c25180 codeql: fix error "Resource not accessible by integration"
- Enable codeql writing security-events.

GitHub set the default permissions to read, apparently since earlier
this year.

Ref: https://github.com/github/codeql-action/issues/464
Ref: https://github.blog/changelog/2021-04-20-github-actions-control-permissions-for-github_token/

Fixes https://github.com/curl/curl/issues/7575
Closes https://github.com/curl/curl/pull/7576
2021-08-17 03:32:10 -04:00
Daniel Stenberg
5ae49f9534
GHA: run all tests for hyper too
As it lists disabled ones in DISABLED now

Closes #7209
2021-06-10 08:42:59 +02:00
Daniel Stenberg
3d01b75077
GHA: add several libcurl tests to the hyper job
500 to 512
2021-06-07 23:54:54 +02:00
Daniel Stenberg
33812ad33d
GHA: run the newly fixed tests with hyper
Closes #7205
2021-06-07 23:14:11 +02:00
Daniel Stenberg
b28a88951d
GHA: add a linux-hyper job
Closes #7206
2021-06-07 17:31:07 +02:00
Daniel Stenberg
265b14d6b3
metalink: remove
Warning: this will make existing curl command lines that use metalink to
stop working.

Reasons for removal:

1. We've found several security problems and issues involving the
   metalink support in curl. The issues are not detailed here. When
   working on those, it become apparent to the team that several of the
   problems are due to the system design, metalink library API and what
   the metalink RFC says. They are very hard to fix on the curl side
   only.

2. The metalink usage with curl was only very briefly documented and was
   not following the "normal" curl usage pattern in several ways, making
   it surprising and non-intuitive which could lead to further security
   issues.

3. The metalink library was last updated 6 years ago and wasn't so
   active the years before that either. An unmaintained library means
   there's a security problem waiting to happen. This is probably reason
   enough.

4. Metalink requires an XML parsing library, which is complex code (even
   the smaller alternatives) and to this day often gets security
   updates.

5. Metalink is not a widely used curl feature. In the 2020 curl user
   survey, only 1.4% of the responders said that they'd are using it. In
   2021 that number was 1.2%. Searching the web also show very few
   traces of it being used, even with other tools.

6. The torrent format and associated technology clearly won for
   downloading large files from multiple sources in parallel.

Cloes #7176
2021-06-07 08:14:25 +02:00
Daniel Stenberg
4b3d8f3558
github: remove the cmake macOS gcc-8 jobs
They're too similar to the gcc-9 ones to be useful (and seems to not
work anymore).

Closes #7187
2021-06-04 08:30:26 +02:00
Daniel Stenberg
f7d1273cf9
github: timeout jobs on macOS after 90 minutes
Assisted-by: Marc Hoersken
Closes #7173
2021-06-02 16:00:42 +02:00
Daniel Stenberg
e53a0f6833
github: inhibit deprecated declarations for clang on macOS
... as they otherwise cause ldap build errors in the CI.

Fixes #7081
Closes #7082
2021-05-17 22:45:46 +02:00
Daniel Stenberg
40ea52a241
github: add a workflow with libssh2 on macOS using cmake
Closes #7047
2021-05-16 23:21:12 +02:00
Tobias Gabriel
0acfe05c2e
.github/FUNDING: add link to GitHub sponsors
Closes #6985
2021-05-03 16:46:30 +02:00
Ayushman Singh Chauhan
6aae7b1761
docs: camelcase it like GitHub everywhere
Closes #6979
2021-04-28 08:16:20 +02:00
Daniel Stenberg
e052bbcd57
ci: adapt to configure requiring an explicit TLS choice 2021-04-22 23:19:47 +02:00
Daniel Stenberg
7bdec2a08b
configure: provide --with-openssl, deprecate --with-ssl
Makes the option more explicit.

Closes #6887
2021-04-15 09:08:34 +02:00
Anthony Shaw
2908a8232c
github/workflow: add "security-extended" to codeql-analysis.yml
Extends the CodeQL code scan.

Closes #6815
2021-04-09 15:46:31 +02:00
Daniel Stenberg
6dc03053d1
github: add torture-ftp for FTP-only torture testing
and at 20% to try to keep the run-time reasonable

Closes #6728
2021-03-12 23:36:38 +01:00
XhmikosR
78617b48e4
CI: fix warning with the latest versions
`git checkout HEAD^2` is no longer needed

Closes #6369
2020-12-25 16:21:14 +01:00
Daniel Stenberg
d16fb4d056
Revert "CI/github: work-around for brew breakage on macOS"
This reverts commit 4cbb17a2cb.

... as the work-around now causes failures.

Closes #6332
2020-12-16 14:37:41 +01:00
Daniel Stenberg
4d2f800677
curl.se: new home
Closes #6172
2020-11-04 23:59:47 +01:00
Daniel Stenberg
4cbb17a2cb
CI/github: work-around for brew breakage on macOS
... and make it use OpenSSL 1.1 properly

Fixes #6130
Closes #6129
2020-10-26 22:14:53 +01:00
Daniel Stenberg
96450a1a33
alt-svc: enable by default
Remove CURLALTSVC_IMMEDIATELY, which was never implemented/supported.

alt-svc support in curl is no longer considered experimental

Closes #5868
2020-10-25 23:08:54 +01:00
Daniel Stenberg
cd048aaa28
github: remove the duplicate "Security vulnerability" entry
... since github adds an entry automatically by itself.

Closes #5970
2020-09-17 15:22:11 +02:00
Emil Engler
48fb543d7f
github: use new issue template feature
This helps us to avoid getting feature requests as well as security
bugs reported into the issue tracker.

Closes #5936
2020-09-17 13:58:18 +02:00
Daniel Stenberg
2429f45a97
TLS naming: fix more Winssl and Darwinssl leftovers
The CMake option is now called CMAKE_USE_SCHANNEL

The winbuild flag is USE_SCHANNEL

The CI jobs and build scripts only use the new names and the new name
options

Tests now require 'Schannel' (when necessary)

Closes #5795
2020-08-08 00:19:21 +02:00
Marcel Raad
730dc48253
CI/macos: set minimum macOS version
This enables some deprecation warnings.
Previously, autotools defaulted to 10.8.

Closes https://github.com/curl/curl/pull/5723
2020-07-26 16:31:33 +02:00
Marcel Raad
05904db861
CI/macos: enable warnings as errors for CMake builds
Closes https://github.com/curl/curl/pull/5716
2020-07-25 08:51:11 +02:00
Marcel Raad
ff8b6ce05f
CI/macos: unconditionally enable warnings-as-errors with autotools
Previously, warnings were only visible in the output for most jobs.

Closes https://github.com/curl/curl/pull/5694
2020-07-19 10:35:19 +02:00
Marc Hoersken
a88fe0fd14
workflows: limit what branches to run CodeQL on
Align CodeQL action with existing CI actions:
- Update branch filter to avoid duplicate CI runs.
- Shorten workflow name due to informative job name.

Reviewed-by: Daniel Stenberg

Closes #5660
2020-07-13 21:01:03 +02:00
Daniel Stenberg
7de2a4ce35
codeql-analysis.yml: fix the 'languages' setting
It needs a 'with:' in front of it.
2020-06-26 08:49:47 +02:00
Daniel Stenberg
7183f5acc3
gtihub: codeql-analysis.yml
enables code security scanning with github actions
2020-06-26 01:06:05 +02:00
Marc Hoersken
0900b03ecf
CI/macos: fix 'is already installed' errors by using bundle
Avoid failing CI builds due to nghttp2 being already installed.

Closes #5513
2020-06-03 20:18:36 +02:00
Daniel Stenberg
23a3ab9dd5
github/workflow: enable MQTT in the macOS debug build 2020-04-14 13:04:10 +02:00
Marc Hoersken
638b8558d1
CI/macos: convert CRLF to LF and align indentation 2020-04-10 00:59:35 +02:00
Daniel Stenberg
6435aaa70b
github actions: run when pushed to master or */ci + PRs
Avoid double-builds when using "local" branches for PRs. For both macos
and fuzz jobs.

Closes #5201
2020-04-08 14:19:08 +02:00
Leo Neat
4506607b44
CI-fuzz: increase fuzz time to 40 minutes
Closes #5174
2020-04-02 23:56:19 +02:00