docs/cmdline-opts: mark all global options

gen.pl now outputs a generic explanations for them for each option

Fixes #10566
Reported-by: u20221022 on github
Closes #10584

GHA: add Microsoft C++ Code Analysis

Closes #10583

tool_progress: shut off progress meter for --silent in parallel

Reported-by: finkjsc on github
Fixes #10573
Closes #10579

lib1560: add a test using %25 in the userinfo in a URL

Closes #10578

CURLOPT_PIPEWAIT: allow waited reuse also for subsequent connections

As tested in test_02_07, when firing off 200 urls with --parallel, 199
wait for the first connection to be establishe

CURLOPT_PIPEWAIT: allow waited reuse also for subsequent connections

As tested in test_02_07, when firing off 200 urls with --parallel, 199
wait for the first connection to be established. if that is multiuse,
urls are added up to its capacity.

The first url over capacity opens another connection. But subsequent
urls found the same situation and open a connection too. They should
have waited for the second connection to actually connect and make its
capacity known.

This change fixes that by

- setting `connkeep()` early in the HTTP setup handler. as otherwise
a new connection is marked as closeit by default and not considered
for multiuse at all
- checking the "connected" status for a candidate always and continuing
to PIPEWAIT if no alternative is found.

pytest:
- removed "skip" from test_02_07
- added test_02_07b to check that http/1.1 continues to work as before

Closes #10456

show more ...

test419: verify --dump-header to file that cannot be created

Closes #10571

tool_operate: avoid fclose(NULL) on bad header dump file

Fixes #10570
Reported-by: Jérémy Rabasco
Closes #10571

RELEASE-NOTES: synced

Starting the journey towards 8.0.0

cookie: parse without sscanf()

Saves us from using 2*4096 bytes buffers on stack, the extra copies and
more.

Closes #10550

lib517: verify time stamps without leading zeroes plus some more

parsedate: replace sscanf( for time stamp parsing

Closes #10547

parsedate: parse strings without using sscanf()

- sscanf is slow and complex, avoid it
- give up already if the string is 12 bytes or longer as no valid string
can be that long

parsedate: parse strings without using sscanf()

- sscanf is slow and complex, avoid it
- give up already if the string is 12 bytes or longer as no valid string
can be that long
- this can now be done without copy

Closes #10547

show more ...

tests: HTTP server fixups

- httpserver.pl -> http-server.pl for consistency
- add http3-server.pl to EXTRA_DIST; alphabetise for maintainability
- nghttpx proxy invocation scripts sh

tests: HTTP server fixups

- httpserver.pl -> http-server.pl for consistency
- add http3-server.pl to EXTRA_DIST; alphabetise for maintainability
- nghttpx proxy invocation scripts should not use getcwd

Closes #10568

show more ...

RELEASE-NOTES: synced

7.88.1 release

THANKS: add contributors from 7.88.1

socketpair: allow EWOULDBLOCK when reading the pair check bytes

Reported-by: Gunamoi Software
Co-authored-by: Jay Satiro
Fixes #10561
Closes #10562

tool_operate: fix scanbuild compiler warning

Prior to this change Azure CI scanbuild warned of a potential NULL
pointer string passed to strtol when CURLDEBUG enabled, even though the

tool_operate: fix scanbuild compiler warning

Prior to this change Azure CI scanbuild warned of a potential NULL
pointer string passed to strtol when CURLDEBUG enabled, even though the
way the code was written it wouldn't have happened.

Bug: https://github.com/curl/curl/commit/5479d991#r101159711
Reported-by: Marcel Raad

Closes https://github.com/curl/curl/pull/10559

show more ...

curl_setup: Suppress OpenSSL 3 deprecation warnings

- Define OPENSSL_SUPPRESS_DEPRECATED.

OpenSSL 3 has deprecated some of the functions libcurl uses such as
those with DES, MD5

curl_setup: Suppress OpenSSL 3 deprecation warnings

- Define OPENSSL_SUPPRESS_DEPRECATED.

OpenSSL 3 has deprecated some of the functions libcurl uses such as
those with DES, MD5 and ENGINE prefix. We don't have replacements for
those functions so the warnings were disabled in autotools and cmake
builds, but still showed in other builds.

Closes https://github.com/curl/curl/pull/10543

show more ...

build-openssl.bat: keep OpenSSL 3 engine binaries

Prior to this change copying the OpenSSL 3 engine binaries failed
because 'engines-1_1' (OpenSSL 1.1.x folder name) was erroneously used

build-openssl.bat: keep OpenSSL 3 engine binaries

Prior to this change copying the OpenSSL 3 engine binaries failed
because 'engines-1_1' (OpenSSL 1.1.x folder name) was erroneously used
instead of 'engines-3'. The OpenSSL 3 builds would complete successfully
but without the engine binaries.

Closes https://github.com/curl/curl/pull/10542

show more ...

cmake: fix Windows check for CryptAcquireContext

Check for CryptAcquireContext in windows.h and wincrypt.h only, since
otherwise this check may fail due to third party headers not found.

cmake: fix Windows check for CryptAcquireContext

Check for CryptAcquireContext in windows.h and wincrypt.h only, since
otherwise this check may fail due to third party headers not found.

Closes https://github.com/curl/curl/pull/10353

show more ...

remote-header-name.d: mention that filename* is not supported

and that you can use --clobber to allow overwriting.

Ref: #10533
Closes #10555

Co-authored-by: Jay Satiro

remote-header-name.d: mention that filename* is not supported

and that you can use --clobber to allow overwriting.

Ref: #10533
Closes #10555

Co-authored-by: Jay Satiro <raysatiro@yahoo.com>

show more ...

CURLOPT_WS_OPTIONS.3: fix the availability version

Closes #10557

GHA: update rustls dependency to 0.9.2

This allows re-enabling test 312 for the rustls backend.

Closes #10553

HTTP3.md: update git branches

Closes #10554

urldata: remove `now` from struct SingleRequest - not needed

Closes #10549