What’s new in curl
daniel.haxx.seSuch an amazingly useful tool -- just a couple hours ago I was using it to setup and launch an entire website from the command-line after having just learned that Dreamhost has a REST API for setting up DNS (which works in tandem with AWS's s3api CLI tool) -- and so actively yet quietly updating for nearly 20 years now...
Daniel Stenberg (curl's creator) posted a talk he gave at Google's Stockholm offices a few months ago...I'm sure he's told the origin story many times before but it was the first I've heard of its truly humble and hacker-DIY origins (he needed a convenient way to access currency rates while chatting in IRC):
http://daniel.haxx.se/blog/2015/09/17/blabbed-about-curl-at-...
The talk is worth watching just to hear not about what it's like to maintain a "hobby project" for a billion users, but for a nostalgic tour of Internet protocols at the time of curl's birth.
Here's another very nice podcast (changelog) on curl with Daniel Stenberg - http://5by5.tv/changelog/153
Another thing I really liked is the thanks list - http://curl.haxx.se/docs/thanks.html
I'm amazed at how lousy http-client support in languages continues to be. It's not like there's any secret that it's critical or how to do it right. Python still doesn't have a very good httplib, hence the popularity of Requests.
I wrote the original PayPal IPN sample code (sorry!) and it was maddening trying to figure out the best way to do simple HTTP POST in all the languages, except for cURL.
The Code of Conduct they wrote is a nice touch.
https://github.com/bagder/curl/blob/master/docs/CODE_OF_COND...
I'm surprised to read (when following the "after some amount of agony" link) that LibreSSL deprecates less stuff than OpenSSL.
I read through that too, and immediately thought about the OpenBSD approach: Don't create hacks and workarounds in your own code for what bugs and shortcomings which should be fixed upstream. Send a patch to fix it upstream, and you've fixed your project too.
Clearly OpenSSL and BoringSSL (but not LibreSSL) lack a defined way to properly and deterministically identify themselves as projects, in a stable fashion. He should try submitting a patches to get each project to expose a unique property which can be detected in consumer-code.
That way (like OpenBSD does) he haven't just solved the problem for himself, but for other projects too.
If more people had that attitude towards code quality which the OpenBSD team has, we might not be in such a buggy universe as we are now.
I use wget because that was the first tool I used. I never think of curl until I want to do something aria2c is over kill.