Log message:
libcurl-gnutls: update to version 8.1.2, use Makefile fragment

Log message:
curl: create Makefile.common, to be used by curl and libcurl-gnutls

Log message:
curl: updated to 8.1.2

curl and libcurl 8.1.2

This release includes the following bugfixes:

 o configure: quote the assignments for run-compiler [1]
 o configure: without pkg-config and no custom path, use -lnghttp2 [8]
 o curl: cache the --trace-time value for a second [9]
 o http2: fix EOF handling on uploads with auth negotiation [7]
 o http3: send EOF indicator early as possible [11]
 o lib1560: verify more scheme guessing [5]
 o lib: remove unused functions, make single-use static [3]
 o libcurl.m4: remove trailing 'dnl' that causes this to break autoconf [10]
 o libssh: when keyboard-interactive auth fails, try password [4]
 o misc: fix spelling mistakes [2]
 o page-header: mention curl version and how to figure out current release [13]
 o page-header: minor wording polish in the URL segment [12]
 o scripts/singleuse.pl: add more API calls
 o urlapi: remove superfluous host name check [6]

Log message:
curl: updated to 8.1.1

curl and libcurl 8.1.1

This release includes the following bugfixes:

 o cf-socket: completely remove the disabled USE_RECV_BEFORE_SEND_WORKAROUND [12]
 o checksrc: disallow spaces before labels [16]
 o cmake: avoid `list(PREPEND)` for compatibility [24]
 o cmake: repair cross compiling [10]
 o configure: fix --help alignment [9]
 o configure: generate a script to run the compiler [11]
 o curl_easy_getinfo: clarify on return data types [15]
 o docs: document that curl_url_cleanup(NULL) is a safe no-op [4]
 o hostip: move easy_lock.h include above curl_memory.h [14]
 o http2: double http request parser max line length [8]
 o http2: increase stream window size to 10 MB [22]
 o http2: upload improvements [21]
 o lib: fix conversion warnings with gcc on macOS
 o lib: rename struct 'http_req' to 'httpreq' [23]
 o ngtcp2: fix compiler warning about possible null-deref [3]
 o ngtcp2: proper handling of uint64_t when adjusting send buffer [1]
 o os400: update chkstrings.c [2]
 o runtests: handle interrupted reads from IPC pipes
 o runtests: use the correct fd after select [20]
 o sectransp.c: make the code c89 compatible [17]
 o select: avoid returning an error on EINTR from select() or poll() [5]
 o test425: fix the log directory for the upload
 o url: provide better error message when URLs fail to parse [18]
 o urlapi: allow numerical parts in the host name [7]
 o vquic.c: make recvfrom_packets static, avoid compiler warning [6]

Log message:
curl: update to 8.1.0.

This release includes the following changes:

 o curl: add --proxy-http2 [62]
 o CURLPROXY_HTTPS2: for HTTPS proxy that may speak HTTP/2 [57]
 o hostip: refuse to resolve the .onion TLD [19]
 o tool_writeout: add URL component variables [41]

This release includes the following bugfixes:

 o amiga: Fix CA certificate paths for AmiSSL and MorphOS [150]
 o autotools: sync up clang picky warnings with cmake [114]
 o aws-sigv4.d: fix region identifier in example [168]
 o bufq: simplify since expression is always true [72]
 o cf-h1-proxy: skip an extra NULL assign [80]
 o cf-h2-proxy: fix processing ingress to stop too early [76]
 o cf-socket: add socket recv buffering for most tcp cases [90]
 o cf-socket: Disable socket receive buffer by default [75]
 o cf-socket: remove dead code discovered by PVS [82]
 o cf-socket: turn off IPV6_V6ONLY on Windows if it is supported [123]
 o checksrc: check for spaces before the colon of switch labels [160]
 o checksrc: find bad indentation in conditions without open brace [152]
 o checksrc: fix SPACEBEFOREPAREN for conditions starting with "*" [115]
 o ci: `-Wno-vla` no longer necessary [158]
 o CI: fix brew retries on GHA
 o CI: Set minimal permissions on workflow ngtcp2-quictls.yml [153]
 o CI: skip Azure for commits which change only GHA
 o CI: use another glob syntax for matching files on Appveyor
 o cmake: bring in the network library on Haiku [9]
 o cmake: do not add zlib headers for openssl [49]
 o CMake: make config version 8 compatible with 7 [28]
 o cmake: picky-linker fixes for openssl, ZLIB, H3 and more [31]
 o cmake: set SONAME for SunOS too [3]
 o cmake: speed up and extend picky clang/gcc options [116]
 o CMakeLists.txt: fix typo for Haiku detection [95]
 o compressed.d: clarify the words on "not notifying headers" [163]
 o config-dos.h: fix SIZEOF_CURL_OFF_T for MS-DOS/DJGPP [52]
 o configure: don't set HAVE_WRITABLE_ARGV on Windows [64]
 o configure: fix detection of apxs (for httpd) [157]
 o configure: make quiche require quiche_conn_send_ack_eliciting [46]
 o connect: fix https connection setup to treat ssl_mode correctly [94]
 o content_encoding: only do transfer-encoding compression if asked to [61]
 o cookie: address PVS nits [74]
 o cookie: clarify that init with data set to NULL reads no file [99]
 o curl: do NOT append file name to path for upload when there's a query [58]
 o curl_easy_getinfo.3: typo fix (duplicated "from the") [43]
 o curl_easy_unescape.3: rename the argument [113]
 o curl_path: bring back support for SFTP path ending in /~ [130]
 o curl_url_set.3: mention that users can set content rather freely [105]
 o CURLOPT_IPRESOLVE.3: this for host names, not IP addresses [165]
 o data.d: emphasize no conversion [5]
 o digest: clear target buffer [8]
 o doc: curl_mime_init() strong easy binding was relaxed in 7.87.0 [26]
 o docs/cmdline-opts: document the dotless config path [1]
 o docs/examples/protofeats.c: outputs all protocols and features [110]
 o docs/libcurl/curl_*escape.3: rename "url" argument to \ 
"input"/"string" [131]
 o docs/SECURITY-ADVISORY.md: how to write a curl security advisory [128]
 o docs: bump the minimum perl version to 5.6
 o docs: clarify that more backends have HTTPS proxy support [127]
 o dynbuf: never allocate larger than "toobig" [17]
 o easy_cleanup: require a "good" handle to act [149]
 o ftp: fix 'portsock' variable was assigned the same value [78]
 o ftp: remove dead code [79]
 o ftplistparser: move out private data from public struct [20]
 o ftplistparser: replace realloc with dynbuf [18]
 o gen.pl: error on duplicated See-Also fields [102]
 o getpart: better handle case of file not found
 o GHA-linux: add an address-sanitizer build [15]
 o GHA: add a memory-sanitizer job [2]
 o GHA: run all linux test jobs with valgrind [14]
 o GHA: suppress git clone output [89]
 o GIT-INFO: add --with-openssl [171]
 o gskit: various compile errors in OS400 [12]
 o h2/h3: replace `state.drain` counter with `state.dselect_bits` [141]
 o hash: fix assigning same value [73]
 o headers: clear (possibly) lingering pointer in init [167]
 o hostcheck: fix host name wildcard checking [134]
 o hostip: add locks around use of global buffer for alarm() [129]
 o hostip: enforce a maximum DNS cache size independent of timeout value [166]
 o HTTP-COOKIES.md: mention the #HttpOnly_ prefix [16]
 o http2: always EXPIRE_RUN_NOW unpaused http/2 transfers [139]
 o http2: do flow window accounting for cancelled streams [155]
 o http2: enlarge the connection window [101]
 o http2: flow control and buffer improvements [54]
 o http2: move HTTP/2 stream vars into local context [67]
 o http2: pass `stream` to http2_handle_stream_close to avoid NULL checks [140]
 o http2: remove unused Curl_http2_strerror function declaration [108]
 o HTTP3/quiche: terminate h1 response header when no body is sent [112]
 o http3: check stream_ctx more thoroughly in all backends [77]
 o HTTP3: document the ngtcp2/nghttp3 versions to use for building curl [143]
 o http3: expire unpaused transfers in all HTTP/3 backends [138]
 o http3: improvements across backends [51]
 o http: free the url before storing a new copy [162]
 o http: skip a double NULL assign [83]
 o ipv4.d/ipv6.d: they are "mutex", not "boolean" [122]
 o KNOWN_BUGS: remove fixed or outdated issues, move non-bugs [65]
 o lib/cmake: add HAVE_WRITABLE_ARGV check [63]
 o lib/sha256.c: typo fix in comment (duplicated "is available") [40]
 o lib1560: verify that more bad host names are rejected [104]
 o lib: add `bufq` and `dynhds` [34]
 o lib: remove CURLX_NO_MEMORY_CALLBACKS [55]
 o lib: unify the upload/method handling [144]
 o lib: use correct printf flags for sockets and timediffs [36]
 o libssh2: fix crash in keyboard callback [126]
 o libssh2: free fingerprint better [164]
 o libssh: tell it to use SFTP non-blocking [59]
 o man pages: simplify the .TH sections [133]
 o MANUAL.md: add dict example for looking up a single definition [132]
 o md(4|5): don't use deprecated iOS functions [21]
 o md4: only build when used [68]
 o mime: skip NULL assigns after Curl_safefree() [84]
 o multi: add handle asserts in DEBUG builds [11]
 o multi: add multi-ignore logic to multi_socket_action [154]
 o multi: free up more data earleier in DONE [118]
 o multi: remove a few superfluous assigns [97]
 o multi: remove PENDING + MSGSENT handles from the main linked list [23]
 o ngtcp2: adapted to 0.15.0 [151]
 o ngtcp2: adjust config and code checks for ngtcp2 without nghttp3 [4]
 o noproxy: pointer to local array 'hostip' is stored outside scope [93]
 o ntlm: clear lm and nt response buffers before use [7]
 o openssl: interop with AWS-LC [30]
 o OS400: fix and complete ILE/RPG binding [96]
 o OS400: implement EBCDIC support for recent features [100]
 o OS400: improve vararg emulation [92]
 o OS400: provide ILE/RPG usage examples [81]
 o pingpong: fix compiler warning "assigning an enum to unsigned char" \ 
[156]
 o pytest: improvements for suitable curl and error output [35]
 o quiche: disable pacing while pacing is not actually performed [148]
 o quiche: Enable IDLE egress handling [109]
 o RELEASE-PROCEDURE: update to new schedule [25]
 o rtsp: convert mallocs to dynbuf for RTP buffering [37]
 o rtsp: skip malformed RTSP interleaved frame data [33]
 o rtsp: skip NULL assigns after Curl_safefree() [85]
 o runtests: die if curl version can be found [10]
 o runtests: don't start servers if -l is given
 o runtests: fix -c option when run with valgrind [145]
 o runtests: fix quoting in Appveyor and Azure test integration [117]
 o runtests: lots of refactoring
 o runtests: refactor into more packages [60]
 o runtests: show error message if file can't be written
 o runtests: spawn a new process for the test runner [146]
 o rustls: fix error in recv handling [50]
 o schannel: add clarifying comment [98]
 o server/getpart: clear target buffer before load [6]
 o smb: remove double assign [86]
 o smbserver: remove temporary files before exit [135]
 o socketpair: verify with a random value [142]
 o ssh: Add support for libssh2 read timeout [170]
 o telnet: simplify the implementation of str_is_nonascii() [42]
 o test1169: fix so it works properly everywhere [106]
 o test1592: add flaky keyword [39]
 o test1960: point to the correct path for the precheck tool
 o test303: kill server after test
 o tests/http: add timeout to running curl in test cases [24]
 o tests/http: fix log formatting on wrong exit code [27]
 o tests/http: fix out-of-tree builds [121]
 o tests/http: improved httpd detection [45]
 o tests/http: more tests with specific clients [125]
 o tests/http: relax connection check in test_07_02 [53]
 o tests/keywords.pl: remove [111]
 o tests/libtest/lib1900.c: remove
 o tests/sshserver.pl: Define AddressFamily earlier [103]
 o tests: 1078 1288 1297 use valid IPv4 addresses
 o tests: document that the unittest keyword is special
 o tests: increase sws timeout for more robust testing [66]
 o tests: log a too-long Unix socket path in sws and socksd
 o tests: make test_12_01 a bit more forgiving on connection counts
 o tests: move pidfiles and portfiles under the log directory [48]
 o tests: move server config files under the pid dir [47]
 o tests: silence some Perl::Critic warnings in test suite [56]
 o tests: stop using strndup(), which isn't portable
 o tests: switch to 3-argument open in test suite
 o tests: turn perl modules into full packages
 o tests: use %LOGDIR to refer to the log directory
 o tool_cb_hdr: Fix 'Location:' formatting for early VTE terminals [147]
 o tool_operate: pass a long as CURLOPT_HEADEROPT argument [13]
 o tool_operate: refuse (--data or --form) and --continue-at combo [119]
 o transfer: refuse POSTFIELDS + RESUME_FROM combo [120]
 o transfer: skip extra assign [87]
 o url: fix null dispname for --connect-to option [161]
 o url: fix PVS nits [71]
 o url: remove call to Curl_llist_destroy in Curl_close [22]
 o urlapi: cleanups and improvements [91]
 o urlapi: detect and error on illegal IPv4 addresses [70]
 o urlapi: prevent setting invalid schemes with *url_set() [107]
 o urlapi: skip a pointless assign [88]
 o urlapi: URL encoding for the URL missed the fragment [29]
 o urldata: copy CURLOPT_AWS_SIGV4 value on handle duplication [137]
 o urldata: shrink *select_bits int => unsigned char [124]
 o vlts: use full buffer size when receiving data if possible [32]
 o vtls and h2 improvements [69]
 o Websocket: enhanced en-/decoding [136]
 o wolfssl.yml: bump to version 5.6.0 [44]
 o write-out.d: Use response_code in example [159]
 o ws: handle reads before EAGAIN better [38]

Log message:
revbump after textproc/icu update

Log message:
curl: Update to 8.0.1

Changes:
8.0.1
-----
 o Revert "multi: remove PENDING + MSGSENT handles"

This is a bugfix release only with that change and pretty critical
regression that should be okay during the freeze.

Thanks to bch for privately pinging and sharing that!

Log message:
curl: update to 8.0.0.

Exactly one month since the previous release, we are happy to give
you curl 8.0.0 released on curl’s official 25th birthday.

This a major version number bump but without any ground-breaking
changes or fireworks. We decided it was about time to reset the
minor number down to more a manageable level and doing it exactly
on curl’s 25th birthday made it extra fun. There is no API nor ABI
break in this version.

We disclose six new vulnerabilities today, five of them at severity
Low and one of them at Medium.

CVE-2023-27533: TELNET option IAC injection
CVE-2023-27534: SFTP path ~ resolving discrepancy
CVE-2023-27535: FTP too eager connection reuse
CVE-2023-27536: GSS delegation too eager connection re-use
CVE-2023-27537: HSTS double-free
CVE-2023-27538: SSH connection too eager reuse still

Log message:
curl: updated to 7.88.1

Fixed in 7.88.1 - February 20 2023

Bugfixes:

build-openssl.bat: keep OpenSSL 3 engine binaries
cmake: fix Windows check for CryptAcquireContext
connnect: fix timeout handling to use full duration
curl: make --silent work stand-alone
curl_setup: Suppress OpenSSL 3 deprecation warnings
CURLOPT_WS_OPTIONS.3: fix the availability version
GHA: update rustls dependency to 0.9.2
http2: buffer/pausedata and output flush fix.
http2: set drain on stream end
http: include stdint.h more readily
krb5: silence cast-align warning
lib1560: add IPv6 canonicalization tests
os400: correct Curl_os400_sendto()
remote-header-name.d: mention that filename* is not supported
runtests: fix "uninitialized value $port"
setopt: allow HTTP3 when HTTP2 is not defined
socketpair: allow EWOULDBLOCK when reading the pair check bytes
socks: allow using DoH to resolve host names
tests-httpd: add proxy tests
tests: make sure gnuserv-tls has SRP support before using it
tests: make the telnet server shut down a socket gracefully
tool_getparam: make --get a true boolean
tool_operate: allow debug builds to set buffersize
urlapi: do the port number extraction without using sscanf()
urldata: remove `now` from struct SingleRequest - not needed

Log message:
curl: update to 7.88.0.

curl and libcurl 7.87.1

This release includes the following changes:

 o curl.h: add CURL_HTTP_VERSION_3ONLY [82]
 o share: add sharing of HSTS cache among handles [7]
 o src: add --http3-only [81]
 o tool_operate: share HSTS between handles
 o urlapi: add CURLU_PUNYCODE [25]
 o writeout: add %{certs} and %{num_certs} [33]

This release includes the following bugfixes:

 o cf-socket: fix build when not HAVE_GETPEERNAME [89]
 o cf-socket: keep sockaddr local in the socket filters [69]
 o cfilters:Curl_conn_get_select_socks: use the first non-connected filter [24]
 o CI: add a workflow to automatically label pull requests [102]
 o CI: add pytest GHA to CI test/tests-httpd on a HTTP/3 setup [109]
 o CI: Retry failed downloads to reduce spurious failures
 o CI: update wolfssl / wolfssh to 5.5.4 / 1.4.12 [167]
 o cmake: bump requirement to 3.7 [23]
 o cmake: check for sendmsg [39]
 o cmake: delete redundant macro definition `SECURITY_WIN32` [91]
 o cmake: fix dev warning due to mismatched arg [160]
 o cmake: fix the snprintf detection [5]
 o cmake: remove deprecated symbols check [96]
 o cmake: set SOVERSION also for macOS [68]
 o cmake: use list APPEND syntax for CMAKE_REQUIRED_DEFINITIONS [94]
 o cmdline-opts/Makefile: on error, do not leave a partial [163]
 o CODEOWNERS: remove the peeps mentioned as CI owners [128]
 o connect: fix access of pointer before NULL check [83]
 o connect: fix build when not ENABLE_IPV6 [88]
 o connect: fix strategy testing for attempts, timeouts and happy-eyeball [110]
 o connections: introduce http/3 happy eyeballs [127]
 o content_encoding: do not reset stage counter for each header [170]
 o CONTRIBUTE: More formally specify the commit description [158]
 o cookies: fp is always not NULL [104]
 o copyright.pl: cease doing year verifications [74]
 o copyright: update all copyright lines and remove year ranges [35]
 o curl.1: make help, version and manual sections "custom" [165]
 o curl.h: allow up to 10M buffer size [76]
 o curl.h: mark CURLSSLBACKEND_MESALINK as deprecated [52]
 o curl/websockets.h: extend the websocket frame struct
 o curl: output warning at --verbose output for debug-enabled version [80]
 o curl_free.3: fix return type of `curl_free` [113]
 o curl_global_sslset.3: clarify the openssl situation [53]
 o curl_log: for failf/infof and debug logging implementations [87]
 o curl_setup: Disable by default recv-before-send in Windows [154]
 o curl_version_info.3: fix typo [100]
 o curl_ws_send.3: clarify how to send multi-frame messages
 o CURLOPT_HEADERDATA.3: warn DLL users must set write function [45]
 o CURLOPT_READFUNCTION.3: the callback 'size' arg is always 1 [73]
 o CURLOPT_WRITEFUNCTION.3: fix memory leak in example [122]
 o dict: URL decode the entire path always [120]
 o docs/DEPRECATE.md: deprecate gskit [36]
 o docs: add link to GitHub Discussions [49]
 o docs: mention indirect effects of --insecure [19]
 o docs: POSTFIELDSIZE must be set to -1 with read function [97]
 o doh: ifdef IPv6 code [123]
 o easyoptions: fix header printing in generation script [84]
 o escape: hex decode with a lookup-table [107]
 o escape: use table lookup when adding %-codes to output [105]
 o examples: remove the curlgtk.c example [48]
 o fopen: remove unnecessary assignment [111]
 o ftpserver: lower the DATA connect timeout to speed up torture tests [27]
 o GHA/macos.yml: bump to gcc-12 [106]
 o GHA/macos: use Xcode_14.0.1 for cmake builds [132]
 o GHA: add job on Slackware 15.0 [58]
 o GHA: bump ngtcp2 workflow dependencies [169]
 o GHA: enable websockets in the torture job [148]
 o GHA: move the quiche job here from zuul [75]
 o GHA: use designated ngtcp2 and its dependencies versions [77]
 o haxproxy: send before TLS handhshake [34]
 o header.d: add a header file example [149]
 o hsts.d: explain hsts more [78]
 o hsts: handle adding the same host name again
 o HTTP/[23]: continue upload when state.drain is set [150]
 o http2: aggregate small SETTINGS/PRIO/WIN_UPDATE frames [155]
 o http2: fix compiler warning due to uninitialized variable
 o http2: minor buffer and error path fixes [151]
 o http2: when using printf %.*s, the length arg must be 'int' [41]
 o HTTP3: mention what needs to be in place to remove EXPERIMENTAL label [31]
 o http: add additional condition for including stdint.h [54]
 o http: decode transfer encoding first [51]
 o http: fix "part of conditional expression is always false" [125]
 o http: remove the trace message "Mark bundle... multiuse" [6]
 o http_aws_sigv4: remove typecasts from HMAC_SHA256 macro [121]
 o http_proxy: do not assign data->req.p.http use local copy [59]
 o INSTALL: document how to use multiple TLS backends [103]
 o lib670: make test.h the first include [56]
 o lib: connect/h2/h3 refactor [57]
 o lib: fix typos [99]
 o lib: fix typos in comments which repeat a word [67]
 o libssh2: try sha2 algos for hostkey methods [2]
 o libtest: add a sleep macro for Windows [115]
 o Linux CI: update some dependecies to latest tag [44]
 o Makefile.mk: fix wolfssl and mbedtls default paths [21]
 o man pages: call the custom user pointer 'clientp' consistently [135]
 o md4: fix build with GnuTLS + OpenSSL v1 [12]
 o misc: fix grammar and spelling [14]
 o misc: fix spelling [134]
 o misc: reduce struct and struct field sizes [65]
 o msh3: add support for request payload [28]
 o msh3: update to v0.5 Release [17]
 o msh3: update to v0.6 [60]
 o multi: stop sending empty HTTP/3 UDP datagrams on Windows [136]
 o multihandle: turn bool struct fields into bits [26]
 o ngtcp2: add CURLOPT_SSL_CTX_FUNCTION support for openssl+wolfssl [62]
 o ngtcp2: fix the build without 'sendmsg' [38]
 o ngtcp2: replace removed define and stop using removed function [164]
 o no-clobber.d: only use long form options in man page text [145]
 o noproxy: support for space-separated names is deprecated [66]
 o nss: implement data_pending method [43]
 o openldap: fix missing sasl symbols at build in specific configs [152]
 o openssl: adapt to boringssl's error code type [118]
 o openssl: don't ignore CA paths when using Windows CA store (redux) [101]
 o openssl: don't log raw record headers [93]
 o openssl: make the BIO_METHOD a local variable in the connection filter [79]
 o openssl: only use CA_BLOB if verifying peer [112]
 o openssl: remove attached easy handles from SSL instances [29]
 o openssl: store the CA after first send (ClientHello) [156]
 o os400: fixes to make-lib.sh and initscript.sh [71]
 o packages: remove Android, update README [108]
 o release-notes.pl: check fixes/closes lines better
 o Revert "x509asn1: avoid freeing unallocated pointers" [37]
 o runtest.pl: add expected fourth return value [40]
 o runtests: tear down http2/http3 servers when https server is stopped [8]
 o runtests: consider warnings fatal and error on them [32]
 o runtests: fix detection of TLS backends [50]
 o runtests: make 'mbedtls' a testable feature
 o rustls: improve error messages [162]
 o scripts/delta: show percent of number of files changed since last tag
 o scripts: fix Appveyor job detection in cijobs.pl
 o scripts: set file mode +x on all perl and shell scripts [63]
 o sectransp: fix for incomplete read/writes [61]
 o SECURITY-PROCESS.md: document severity levels [20]
 o setopt: Address undefined behaviour by checking for null [161]
 o setopt: move the SHA256 opt within #ifdef libssh2 [42]
 o setopt: use >, not >=, when checking if uarg is larger than uint-max [140]
 o smb: return error on upload without size [142]
 o socketpair: allow localhost MITM sniffers [30]
 o strdup: name it Curl_strdup [16]
 o system.h: assume OS400 is always built with ILEC compiler [95]
 o test1560: use a UTF8-using locale when run [46]
 o test2304: remove stdout verification
 o tests-httpd: basic infra to run curl against an apache httpd [72]
 o tests: add 3 new HTTP/2 test cases, plus https: support for nghttpx [9]
 o tests: add tests for HTTP/2 and HTTP/3 to verify the header API [166]
 o tests: avoid use of sha1 in certificates [4]
 o tls: fixes for wolfssl + openssl combo builds [133]
 o tool_getparam: fix hiding of command line secrets [85]
 o tool_operate: fix `CURLOPT_SOCKS5_GSSAPI_NEC` type [1]
 o tool_operate: fix error codes during DOS filename sanitize [138]
 o tool_operate: fix error codes on bad URL & OOM [139]
 o tool_operate: fix headerfile writing [64]
 o tool_operate: repair --rate [119]
 o transfer: break the read loop when RECV is cleared [22]
 o typecheck: accept expressions for option/info parameters [3]
 o url: fix part of conditional expression is always true [147]
 o urlapi: avoid Curl_dyn_addf() for hex outputs [130]
 o urlapi: fix part of conditional expression is always true: qlen [146]
 o urlapi: skip path checks if path is just "/" [131]
 o urlapi: skip the extra dedotdot alloc if no dot in path [126]
 o urldata: cease storing TLS auth type [55]
 o urldata: make 'ftp_create_missing_dirs' depend on FTP || SFTP [13]
 o urldata: make set.http200aliases conditional on HTTP being present [11]
 o urldata: move the cookefilelist to the 'set' struct [15]
 o urldata: remove unused struct fields, made more conditional [10]
 o vquic: stabilization and improvements [141]
 o vtls: fix hostname handling in filters [98]
 o vtls: manage current easy handle in nested cfilter calls [90]
 o vtls: use ALPN HTTP/1.0 when HTTP/1.0 is used
 o winbuild: document that arm64 is supported [92]
 o windows: always use curl's basename() implementation [157]
 o wolfssl: remove deprecated post-quantum algorithms [124]
 o workflows/linux.yml: merge 3 common packages [18]
 o write-out.d: add 'since version' to %{header_json} documentation [129]
 o write-out.d: clarify Windows % symbol escaping [86]
 o ws: fix autoping handling [70]
 o ws: fix multiframe send handling [143]
 o ws: fix recv of larger frames [144]
 o ws: remove bad assert [117]
 o ws: unstick connect-only shutdown [116]
 o ws: use %Ou for outputting curl_off_t with info() [153]
 o x509asn1: fix compile errors and warnings [47]
 o zuul: stop using this CI service [114]