[Daniel's week] June 1, 2024

Sat Jun 1 11:49:24 CEST 2024

Hello,

Another week, another email.

## New Scientist

I recently did a short interview for Alex Wilkins at the New Scientist about
people using AI to file security reports, and his article [1] was published
this week. The fact that it is entirely behind a paywall was quite boring
because now I have not even read it myself.

## random

Someone wanted to include a random uuid in a curl command line and pointed out
the set of variables the tool "Postman" offers. That made me write up a small
proposal [2], mostly for brainstorming around to begin with, if perhaps we
should consider providing a set of built-in variables in a similar style to
help users do more with curl?

My initial pull-request brings a "random" variable that can be used in a few
different ways. I'm looking for more feedback and comments on this, and
perhaps even more in what ways we should change and improve this idea to make
it really good. Or is it just bad idea and we should just scrap it?

## survey ended

The curl survey of 2024 ended and I took it down. We did eventually get a
record number of respondents: 1496. I now need to work on collecting the
numbers, connecting the dots and reading the tea leaves and produce an
analysis document. It will take me a week or two to complete this work.

## curl talk

I was invited to and on Wednesday I did a presentation for the European
Commission's OSPO. I talked about the curl project's journey from nothing to
everywhere. How it happened, how we do it and how perhaps it will be used even
more in the future. It triggered several reasonable and clever questions and I
had a good time.

## HTTP/3 talk

On Thursday I took the train over to Gothenburg and talked HTTP/3 to a crowded
room at Webbhuset. The talk was also streamed and is now available on YouTube
[3]. If you have kept up just a little bit with my HTTP talks the recent years
I don't think this brought a lot of news. It was a fun event, I got a lot of
good questions and I hung out with the peeps there for a while afterwards to
talk more HTTP and of course a lot about curl. I could also hand out quite a
lot of curl stickers to attendees. The coasters seemed to be quite popular and
they ran out almost instantly.

## securityfest

Once my HTTP/3 talk ended, I walked twenty minutes over to the venue where 
this
year's securityfest [4] took place, by a coincidence on this exact same day. I
managed to crash the party, meet A LOT of acquaintances, familiar faces,
friends and of course a whole range of new friends who approached me and said
thanks or gave me their thumbs up. I think showing up in a curl tshirt maybe
helped people realize who this random person might be.

So many friends, so much to talk about. I also gave away several hundred
additional curl stickers to people and I completely emptied the stickers bag I
had brought with me to Gothenburg this time.

For a while there I almost drowned in the appreciation and love shown from
people. Enough for me to live on for quite some time now.

## feature window

Today Saturday June 1st, we open the curl feature window and we will start
merging new features into curl. This means that the next curl version number
will become 8.9.0 and the exact set of new features that manage to land for
that release will of course determined in three weeks when we close the window
again. The next curl release is planned to ship on July 17.

Right now we have six pending PRs that are labeled "feature window" [5] that
might get merged.

## Coming up

  - Thursday: National day of Sweden
  - Friday: OSS CNA Users group meeting

## Links

[1] = https://www.newscientist.com/article/2433247-hackers-are-using-ai-to-find-software-bugs-but-there-is-a-downside/
[2] = https://github.com/curl/curl/pull/13813
[3] = https://www.youtube.com/live/d--aGkEPR3M?si=yncgvCGeEFqJ-3-Q
[4] = https://securityfest.com/
[5] = https://github.com/curl/curl/pulls?q=is%3Aopen+is%3Apr+label%3Afeature-window

-- 

  / daniel.haxx.se