this post was submitted on 12 Sep 2025
46 points (100.0% liked)

Programming

23654 readers
532 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 2 years ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
MaungaHikoi@lemmy.nz
UlrikHD@programming.dev
46
The challenge of maintaining curl (lwn.net)
submitted 2 months ago by syklemil@discuss.tchncs.de to c/programming@programming.dev
12 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] Lazycog@sopuli.xyz 29 points 2 months ago (4 children)

I knew people in general are terrible to whoever is providing something for free but WTF.

Atleast he also gets occasionally nice emails

He concluded the brief talk with one last email; it was from an 11-year-old child who had found curl useful in some project they were working on. It included an expression of gratitude that, Stenberg said, was truly heartwarming.

[–] syklemil@discuss.tchncs.de 13 points 2 months ago (3 children)

Yeah, it's once again a case of a central piece of software in a very precarious situation, and businesses that aren't … quite mindful of the fact that they're making demands from someone they're not paying.

[–] Lazycog@sopuli.xyz 12 points 2 months ago (1 children)

Exactly. At the same time the same businesses are claiming record profits, and not contributing to that central piece of foss software at all in any way (like the car manifacturers mentioned in the post).

[–] syklemil@discuss.tchncs.de 5 points 2 months ago (1 children)

Yep. I wonder if that CRA compliance stuff won't change that. Industries with strict demands on safety should be putting in work and resources to ensure that those demands are actually met, but how the CRA deals with FOSS took a bit of work to not be a complete disaster, and I can't imagine it's easy for FOSS projects to work out the details there.

As in:

  1. The automotive industry absolutely should be CRA compliant,
  2. it'd be nice for everyone if cURL was known to be CRA compliant,
  3. compliance doesn't appear by magic, someone has to put in work,
  4. companies that should be CRA compliant should help with that work.

In the case where they don't want to pitch in, well, something cURL-equivalent but known CRA-compliant won't just fall off the back of a wagon, which means the companies that need compliance have a problem.

Then again, apparently the HPE Nonstop ecosystem has git available on their platform all through the spare-time efforts of all of one dude, which absolutely shows that critical systems are willing to rely on precarious software, so I'm not gonna hold my breath.

[–] Lazycog@sopuli.xyz 3 points 2 months ago

You put it well. Big Companies who rely on these libraries should put in the work. They have the money and resources to help FOSS projects reach compliance.

load more comments (1 replies)
load more comments (1 replies)