GHA: update five dependencies

- rojopolis/spellcheck-github-actions digest to ab8ac45
- nghttp2/nghttp2 to v1.64.0
- actions/cache digest to 6849a64
- github/codeql-action digest

GHA: update five dependencies

- rojopolis/spellcheck-github-actions digest to ab8ac45
- nghttp2/nghttp2 to v1.64.0
- actions/cache digest to 6849a64
- github/codeql-action digest to 6624720
- Update actions/checkout digest to 11bd719

Closes #15341
Closes #15346
Closes #15365
Closes #15366
Closes #15387

show more ...

CI: update rojopolis/spellcheck, actions/checkout, actions/upload-artifact

- update rojopolis/spellcheck-github-actions digest to 7ff888c
- update actions/checkout digest to eef6144

CI: update rojopolis/spellcheck, actions/checkout, actions/upload-artifact

- update rojopolis/spellcheck-github-actions digest to 7ff888c
- update actions/checkout digest to eef6144
- update actions/upload-artifact digest to b4b15b8

Closes #15207
Closes #15184
Closes #15187

show more ...

CI: bump actions/checkout from 4.1.7 to 4.2.0

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/rel

CI: bump actions/checkout from 4.1.7 to 4.2.0

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/692973e3d937129bcbf40652eb9f2f61becf3332...d632683dd7b4114ad314bca15554477dd762a938)

---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Closes #15095

show more ...

GHA: misc updates: impacket, timeouts, mingw-w64 32-bit

- NetBSD: enable impacket. Debatable if this hefty package is worth it
for the single SMB test (1451) run curl uses it for.

GHA: misc updates: impacket, timeouts, mingw-w64 32-bit

- NetBSD: enable impacket. Debatable if this hefty package is worth it
for the single SMB test (1451) run curl uses it for.
(on the upside, it seems to install instantly on NetBSD)
It's also a versioned package name that requires active maintenance.
The unversioned name doesn't work, though that's what the package
search returns: https://pkgsrc.se/net/py-impacket

- FreeBSD: stop installing impacket deps explicitly.
They are automatically installed via the impacket package.

- Linux: put time limit on test runs.
Started hanging yesterday:
linux: https://github.com/curl/curl/actions/runs/10875011573/job/30172946986#step:41:3731
awslc: https://github.com/curl/curl/actions/runs/10879782864/job/30185188509
wolfssl: https://github.com/curl/curl/actions/runs/10879782864/job/30185188509

- distcheck: reduce time limit to 15m (was 30m)
Linux tests started to hang, so reduce the timeout from 30 minutes
to 15. These jobs normally take 3 to 6 minutes to finish.
https://github.com/curl/curl/actions/runs/10879479914

- Windows: add 32-bit MSYS2/mingw-w64 job.
Follow-up to e53523fef07894991c69d907a7c7794c7ada4ff4 #14859

Closes #14929

show more ...

GHA/distcheck: keep upload artifacts for one day only

The uploads are only used as a cache mechanism between jobs to save them
from having to re-run maketgz multiple times, so there is n

GHA/distcheck: keep upload artifacts for one day only

The uploads are only used as a cache mechanism between jobs to save them
from having to re-run maketgz multiple times, so there is no need to
save the artifact longer than this.

Closes #14793

show more ...

maketgz: move from / into scripts

Closes #14797

GHA/distcheck:: bump actions/upload-artifact from 4.3.6 to 4.4.0

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.6 to 4.4.0.
- [Release notes](https:

GHA/distcheck:: bump actions/upload-artifact from 4.3.6 to 4.4.0

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.6 to 4.4.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/834a144ee995460fba8ed112a2fc961b36a5ec5a...50769540e7f4bd5e21e526ee35c689e35e0d6874)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Closes #14759

show more ...

GHA: add yamlcheck

Uses `yamllint`.

Also:
- fix warning for existing YAML files:
```
[truthy] truthy value should be one of [false, true]
```

Closes #

GHA: add yamlcheck

Uses `yamllint`.

Also:
- fix warning for existing YAML files:
```
[truthy] truthy value should be one of [false, true]
```

Closes #14650

show more ...

cmake: show warning if libpsl is not found

Also:
- explicitly disable libpsl in CI to avoid configure warning, where
necessary.
- add TODO to make this warning an error (to mat

cmake: show warning if libpsl is not found

Also:
- explicitly disable libpsl in CI to avoid configure warning, where
necessary.
- add TODO to make this warning an error (to match autotools.)

Follow-up to 2998874bb61ac6ef3b72d6a61467cd2aaf6e53ea #12661

Closes #14533

show more ...

GHA: bump deps: upload-artifact, codeql and spellcheck

- bump actions/upload-artifact from 4.3.5 to 4.3.6

Signed-off-by: dependabot[bot] <support@github.com>

Closes #14506

GHA: bump deps: upload-artifact, codeql and spellcheck

- bump actions/upload-artifact from 4.3.5 to 4.3.6

Signed-off-by: dependabot[bot] <support@github.com>

Closes #14506

- bump github/codeql-action from 3.25.15 to 3.26.0

Closes #14507

- bump rojopolis/spellcheck-github-actions digest to a0fba0c

Closes #14518

show more ...

dist: add CI job to detect files missing from distro

Also:
- delete previous, cmake-specific solution.
- move a CI script under `.github`.

Follow-up to a118a6ecddb0322a6da07

dist: add CI job to detect files missing from distro

Also:
- delete previous, cmake-specific solution.
- move a CI script under `.github`.

Follow-up to a118a6ecddb0322a6da07815aabf9e36cd5f44bc #14323
Closes #14463

show more ...

ci: Update actions/upload-artifact digest to 89ef406

Closes #14359

GHA/distcheck: add a reproducible release check

dist: fix reproducible build from release tarball

Make it possible to rebuild an identical copy from a release tarball. It
was previously only possible from a checked out git repository.

dist: fix reproducible build from release tarball

Make it possible to rebuild an identical copy from a release tarball. It
was previously only possible from a checked out git repository.

- add release-tools.sh to dist
- keep Makefile.dist around to include it in dist
- regenerate tool_huge.c with the new version in dist
- fix the dist CI job to not do make clean like before

Closes #14336

show more ...

cmake: distcheck for files in CMake subdir

- add CMake option to verify if the `CMake/*.cmake`, `CMake/*.in` files
are listed as distributable in autotools' `EXTRA_DIST`. The check can

cmake: distcheck for files in CMake subdir

- add CMake option to verify if the `CMake/*.cmake`, `CMake/*.in` files
are listed as distributable in autotools' `EXTRA_DIST`. The check can
be enabled with `-DENABLE_DIST_TEST=ON` CMake option.

- add CI job to that effect.

Ref: #14320
Closes #14323

show more ...

GHA: update actions/upload-artifact and actions/download-artifact

update actions/upload-artifact digest to 0b2256b
update actions/download-artifact digest to fa0a91b

Closes #141

GHA: update actions/upload-artifact and actions/download-artifact

update actions/upload-artifact digest to 0b2256b
update actions/download-artifact digest to fa0a91b

Closes #14111
Closes #14110

show more ...

GHA: update pinned actions

- github/codeql-action digest to 23acc5c
- actions/checkout digest to 692973e
- rojopolis/spellcheck-github-actions digest to d354a4d

Closes #1393

GHA: update pinned actions

- github/codeql-action digest to 23acc5c
- actions/checkout digest to 692973e
- rojopolis/spellcheck-github-actions digest to d354a4d

Closes #13935
Closes #13945
Closes #13946

show more ...

GHA: bump all build jobs to nproc+1

- bump rest of the workflows (windows, macos, distrocheck).

- non-native virtualized envs have 2 CPUs, bump down accordingly.
(for `vmactio

GHA: bump all build jobs to nproc+1

- bump rest of the workflows (windows, macos, distrocheck).

- non-native virtualized envs have 2 CPUs, bump down accordingly.
(for `vmactions/omnios-vm` it's just a guess.)

- bump all to nproc + 1.

Follow-up to e838b341a08b44d4a8486fb0d3f15d12fc794c62 #12927
Closes #13807

show more ...

GHA: bump actions/checkout from 4.1.4 to 4.1.6

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/re

GHA: bump actions/checkout from 4.1.4 to 4.1.6

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/0ad4b8fadaa221de15dcec353f45205ec38ea70b...a5ac7e51b41094c92402da3b24376905380afc29)

---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Closes #13720

show more ...

GHA: pin dependencies

Closes #13628

ci: parallelize more, tidy up cmake commands (distcheck, macos)

Also enable `-DCURL_WERROR=ON` in the Linux cmake build test.

Closes #13343

dist: verify tarball reproducibility in CI

Closes #13327

GHA: disable permissions where missing

Reviewed-by: Daniel Stenberg
Closes #13306

CI: install libpsl or configure --without-libpsl in builds

As a follow-up to the stricted libpsl check in configure

build(deps): bump actions/upload-artifact from 3 to 4

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/action

build(deps): bump actions/upload-artifact from 3 to 4

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Closes #12627

show more ...