daniel:// stenberg://

One hundred #curl graphs

https://daniel.haxx.se/blog/2026/03/15/one-hundred-curl-graphs/

my week: https://lists.haxx.se/pipermail/daniel/2026-March/000148.html

Bug-Bounty: False, zip bombs, "just", badwords, release, new record, NTLM, SMB, 10K downloads, dependencies, nuget

"Our proprietary AI robots independently recreate any open source project from scratch"

https://malus.sh/

10K #curl downloads per year

https://daniel.haxx.se/blog/2026/03/09/10k-curl-downloads-per-year/

I keep getting offers from randos offering to setup various crypto currency things to sponsor me or curl.

I will NEVER agree to have my name associated with any crypto currency efforts/scams. There's no room for debate. A hard no.

just noticed I'm mentioned on the AI slop wikipedia page: https://en.wikipedia.org/wiki/AI_slop

Wget had its initial release (under a different name) in January 1996, so it has now already surpassed its 30th birthday.

curl is way behind, as it did not start its journey (under a different name) until November 11 1996

Welcome Florian Imdahl as #curl commit author 1447: https://github.com/curl/curl/pull/20748

My week: https://lists.haxx.se/pipermail/daniel/2026-February/000147.html

vacation, security, distro meeting, curl up, NDC Security, rc, lagging, rock-solid, decomplexification, netstack, user survey, foss-north

The third and final release candidate for #curl 8.19.0 is now available at
https://curl.se/rc/

curl.se over the last 30 days:

Served 77.12 TB of data at 3.81k requests/second.

95.91% of the object sizes were <1KB.
0.01% of the downloaded object sizes were 1-10MB (a tarball download)

99.69% of the content delivered was cached by the CDN.

Thanks #Fastly!

Like every sane person, I've now added a "medals" section to my personal website. 😎

https://daniel.haxx.se/

See you in Oslo on Thursday? https://ndcsecurity.com/agenda/three-decades-of-curl-0ugm/0m55j1o34kp

"the game is lagging"

From my #inbox

https://daniel.haxx.se/email/2026-02-26.html

I'm one of the early "members" of the Open Source Endowment. Eager to see where this is going:

"Truly sustainable funding for critical OSS through a community‑driven endowment"

https://endowment.dev/

I found this Veratasium documentary on the xz Jia Tan backdoor adventure quite good and surprisingly detailed:

https://www.youtube.com/watch?v=aoag03mSuXQ

If you need a #curl version with support for OpenSSL v1 for a few more years, we got you covered: https://rock-solid.curl.dev/

If you need inspiration for your next pillow embroidery

there is always a CURLOPT for it

Today is two years since #curl passed its HTTP/3 security audit with flying colors:
"no major discoveries or security problems"

https://daniel.haxx.se/blog/2024/02/23/curl-http-3-security-audit/

RE: @anderseknert@swecyb.com

The future is here.

the public consultation on "European Open Digital Ecosystems" apparently received 1,658 submissions. One of the biggest public consultations ever apparently.

Well done fellow Open Sourcers!

More of the same: https://redmonk.com/kholterhoff/2026/02/03/ai-slopageddon-and-the-oss-maintainers/

I'm a little amazed by the amount of CVEs released by OpenSSL today: https://openssl-library.org/news/vulnerabilities/

12(!) of them were reported by people at Aisle.

Aisle makes an AI-powered code analyzer. That's what they use to find these flaws.

I mean if you are curious what AI can do in Open Source security when used for good.

The end of the #curl bug-bounty

https://daniel.haxx.se/blog/2026/01/26/the-end-of-the-curl-bug-bounty/

I am awarded a gold medal by the Royal Swedish Academy of Sciences for my work on #curl

https://daniel.haxx.se/blog/2025/10/21/a-royal-gold-medal/

"Open Source as Europe’s Strategic Advantage" a 46-page report by the Linux Foundation

https://www.linuxfoundation.org/research/world-of-open-source-eu-2025

Current digital infrastructure

Remember: it is a calmer more chill life without copyright years. https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/