mirror of
https://github.com/curl/curl.git
synced 2026-06-20 17:45:41 +03:00
265b14d6b3
Warning: this will make existing curl command lines that use metalink to stop working. Reasons for removal: 1. We've found several security problems and issues involving the metalink support in curl. The issues are not detailed here. When working on those, it become apparent to the team that several of the problems are due to the system design, metalink library API and what the metalink RFC says. They are very hard to fix on the curl side only. 2. The metalink usage with curl was only very briefly documented and was not following the "normal" curl usage pattern in several ways, making it surprising and non-intuitive which could lead to further security issues. 3. The metalink library was last updated 6 years ago and wasn't so active the years before that either. An unmaintained library means there's a security problem waiting to happen. This is probably reason enough. 4. Metalink requires an XML parsing library, which is complex code (even the smaller alternatives) and to this day often gets security updates. 5. Metalink is not a widely used curl feature. In the 2020 curl user survey, only 1.4% of the responders said that they'd are using it. In 2021 that number was 1.2%. Searching the web also show very few traces of it being used, even with other tools. 6. The torrent format and associated technology clearly won for downloading large files from multiple sources in parallel. Cloes #7176
129 lines
4.8 KiB
YAML
129 lines
4.8 KiB
YAML
name: CI
|
|
|
|
on:
|
|
# Trigger the workflow on push or pull requests, but only for the
|
|
# master branch
|
|
push:
|
|
branches:
|
|
- master
|
|
- '*/ci'
|
|
pull_request:
|
|
branches:
|
|
- master
|
|
|
|
jobs:
|
|
autotools:
|
|
name: macos ${{ matrix.build.name }}
|
|
runs-on: 'macos-latest'
|
|
timeout-minutes: 90
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
build:
|
|
- name: normal
|
|
install: nghttp2
|
|
configure: --without-ssl
|
|
macosx-version-min: 10.9
|
|
- name: debug
|
|
install: nghttp2
|
|
configure: --enable-debug --without-ssl
|
|
macosx-version-min: 10.9
|
|
- name: libssh2
|
|
install: nghttp2 libssh2
|
|
configure: --enable-debug --with-libssh2 --without-ssl
|
|
macosx-version-min: 10.9
|
|
- name: c-ares
|
|
install: nghttp2
|
|
configure: --enable-debug --enable-ares --without-ssl
|
|
macosx-version-min: 10.9
|
|
- name: HTTP only
|
|
install: nghttp2
|
|
configure: --enable-debug --enable-maintainer-mode --disable-dict --disable-file --disable-ftp --disable-gopher --disable-imap --disable-ldap --disable-pop3 --disable-rtmp --disable-rtsp --disable-scp --disable-sftp --disable-smb --disable-smtp --disable-telnet --disable-tftp --disable-unix-sockets --disable-shared --without-brotli --without-gssapi --without-libidn2 --without-libpsl --without-librtmp --without-libssh2 --without-nghttp2 --without-ntlm-auth --without-ssl --without-zlib
|
|
macosx-version-min: 10.15
|
|
- name: SecureTransport http2
|
|
install: nghttp2
|
|
configure: --enable-debug --with-secure-transport
|
|
macosx-version-min: 10.8
|
|
- name: OpenSSL http2
|
|
install: nghttp2 openssl
|
|
configure: --enable-debug --with-openssl=/usr/local/opt/openssl
|
|
macosx-version-min: 10.9
|
|
- name: LibreSSL http2
|
|
install: nghttp2 libressl
|
|
configure: --enable-debug --with-openssl=/usr/local/opt/libressl
|
|
macosx-version-min: 10.9
|
|
- name: torture
|
|
install: nghttp2 openssl
|
|
configure: --enable-debug --disable-shared --disable-threaded-resolver --with-openssl=/usr/local/opt/openssl
|
|
tflags: -n -t --shallow=25 !FTP
|
|
macosx-version-min: 10.9
|
|
- name: torture-ftp
|
|
install: nghttp2 openssl
|
|
configure: --enable-debug --disable-shared --disable-threaded-resolver --with-openssl=/usr/local/opt/openssl
|
|
tflags: -n -t --shallow=20 FTP
|
|
macosx-version-min: 10.9
|
|
- name: macOS 10.15
|
|
install: nghttp2 libssh2 openssl
|
|
configure: --enable-debug --disable-ldap --with-openssl=/usr/local/opt/openssl
|
|
macosx-version-min: 10.15
|
|
steps:
|
|
- run: echo libtool autoconf automake pkg-config ${{ matrix.build.install }} | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile
|
|
name: 'brew bundle'
|
|
|
|
- run: brew update && brew bundle install --no-lock --file /tmp/Brewfile
|
|
name: 'brew install'
|
|
|
|
- uses: actions/checkout@v2
|
|
|
|
- run: ./buildconf && ./configure --enable-warnings --enable-werror ${{ matrix.build.configure }}
|
|
name: 'configure'
|
|
env:
|
|
# -Wvla is caused by brotli
|
|
CFLAGS: "-Wno-vla -mmacosx-version-min=${{ matrix.build.macosx-version-min }}"
|
|
|
|
- run: make
|
|
name: 'make'
|
|
|
|
- run: make test-nonflaky
|
|
name: 'test'
|
|
env:
|
|
TFLAGS: "${{ matrix.build.tflags }} ~1452"
|
|
|
|
cmake:
|
|
name: macos cmake ${{ matrix.compiler.CC }} ${{ matrix.build.name }}
|
|
runs-on: 'macos-latest'
|
|
env: ${{ matrix.compiler }}
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
compiler:
|
|
- CC: clang
|
|
CXX: clang++
|
|
CFLAGS: "-mmacosx-version-min=10.15 -Wno-deprecated-declarations"
|
|
- CC: gcc-9
|
|
CXX: g++-9
|
|
CFLAGS: "-mmacosx-version-min=10.15 -Wno-error=undef -Wno-error=conversion"
|
|
build:
|
|
- name: OpenSSL
|
|
install: nghttp2 openssl
|
|
generate: -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl -DCURL_DISABLE_LDAP=ON -DCURL_DISABLE_LDAPS=ON
|
|
- name: LibreSSL
|
|
install: nghttp2 libressl
|
|
generate: -DOPENSSL_ROOT_DIR=/usr/local/opt/libressl -DCURL_DISABLE_LDAP=ON -DCURL_DISABLE_LDAPS=ON
|
|
- name: libssh2
|
|
install: nghttp2 openssl libssh2
|
|
generate: -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl -DCMAKE_USE_LIBSSH2=ON
|
|
steps:
|
|
- run: echo libtool autoconf automake pkg-config ${{ matrix.build.install }} | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile
|
|
name: 'brew bundle'
|
|
|
|
- run: brew update && brew bundle install --no-lock --file /tmp/Brewfile
|
|
name: 'brew install'
|
|
|
|
- uses: actions/checkout@v2
|
|
|
|
- run: cmake -H. -Bbuild -DCURL_WERROR=ON -DPICKY_COMPILER=ON ${{ matrix.build.generate }}
|
|
name: 'cmake generate'
|
|
|
|
- run: cmake --build build
|
|
name: 'cmake build'
|